Theory AOT_PLM

1(*<*)
2theory AOT_PLM
3  imports AOT_Axioms
4begin
5(*>*)
6
7section‹The Deductive System PLM›
8
9(* constrain sledgehammer to the abstraction layer *)
10unbundle AOT_no_atp
11
12AOT_theorem "modus-ponens": assumes φ and φ  ψ shows ψ
13  using assms by (simp add: AOT_sem_imp) (* NOTE: semantics needed *)
14lemmas MP = "modus-ponens"
15
16AOT_theorem "non-con-thm-thm": assumes  φ shows  φ
17  using assms by simp
18
19AOT_theorem "vdash-properties:1[1]": assumes φ  Λ shows  φ
20  using assms unfolding AOT_model_act_axiom_def by blast (* NOTE: semantics needed *)
21
22text‹Convenience attribute for instantiating modally-fragile axioms.›
23attribute_setup act_axiom_inst =
24  ‹Scan.succeed (Thm.rule_attribute [] (K (fn thm => thm RS @{thm "vdash-properties:1[1]"})))
25  "Instantiate modally fragile axiom as modally fragile theorem."
26
27AOT_theorem "vdash-properties:1[2]": assumes φ  Λ shows  φ
28  using assms unfolding AOT_model_axiom_def by blast (* NOTE: semantics needed *)
29
30text‹Convenience attribute for instantiating modally-strict axioms.›
31attribute_setup axiom_inst =
32  ‹Scan.succeed (Thm.rule_attribute [] (K (fn thm => thm RS @{thm "vdash-properties:1[2]"})))
33  "Instantiate axiom as theorem."
34
35text‹Convenience methods and theorem sets for applying "cqt:2".›
36method cqt_2_lambda_inst_prover = (fast intro: AOT_instance_of_cqt_2_intro)
37method "cqt:2[lambda]" = (rule "cqt:2[lambda]"[axiom_inst]; cqt_2_lambda_inst_prover)
38lemmas "cqt:2" = "cqt:2[const_var]"[axiom_inst] "cqt:2[lambda]"[axiom_inst] AOT_instance_of_cqt_2_intro
39method "cqt:2" = (safe intro!: "cqt:2")
40
41AOT_theorem "vdash-properties:3": assumes  φ shows Γ  φ
42  using assms by blast
43
44AOT_theorem "vdash-properties:5": assumes Γ1  φ and Γ2  φ  ψ shows Γ1, Γ2  ψ
45  using MP assms by blast
46
47AOT_theorem "vdash-properties:6": assumes φ and φ  ψ shows ψ
48  using MP assms by blast
49
50AOT_theorem "vdash-properties:8": assumes Γ  φ and φ  ψ shows Γ  ψ
51  using assms by argo
52
53AOT_theorem "vdash-properties:9": assumes φ shows ψ  φ
54  using MP "pl:1"[axiom_inst] assms by blast
55
56AOT_theorem "vdash-properties:10": assumes φ  ψ and φ shows ψ
57  using MP assms by blast
58lemmas "→E" = "vdash-properties:10"
59
60AOT_theorem "rule-gen": assumes for arbitrary α: φ{α} shows α φ{α}
61  using assms by (metis AOT_var_of_term_inverse AOT_sem_denotes AOT_sem_forall) (* NOTE: semantics needed *)
62lemmas GEN = "rule-gen"
63
64AOT_theorem "RN[prem]": assumes Γ  φ shows Γ  φ
65  by (meson AOT_sem_box assms image_iff) (* NOTE: semantics needed *)
66AOT_theorem RN: assumes  φ shows φ
67  using "RN[prem]" assms by blast
68
69AOT_axiom "df-rules-formulas[1]": assumes φ df ψ shows φ  ψ
70  using assms by (simp_all add: AOT_model_axiomI AOT_model_equiv_def AOT_sem_imp) (* NOTE: semantics needed *)
71AOT_axiom "df-rules-formulas[2]": assumes φ df ψ shows ψ  φ
72  using assms by (simp_all add: AOT_model_axiomI AOT_model_equiv_def AOT_sem_imp) (* NOTE: semantics needed *)
73(* NOTE: for convenience also state the above as regular theorems *)
74AOT_theorem "df-rules-formulas[3]": assumes φ df ψ shows φ  ψ
75  using "df-rules-formulas[1]"[axiom_inst, OF assms].
76AOT_theorem "df-rules-formulas[4]": assumes φ df ψ shows ψ  φ
77  using "df-rules-formulas[2]"[axiom_inst, OF assms].
78
79
80AOT_axiom "df-rules-terms[1]":
81  assumes τ{α1...αn} =df σ{α1...αn}
82  shows (σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}) & (¬σ{τ1...τn}  ¬τ{τ1...τn})
83  using assms by (simp add: AOT_model_axiomI AOT_sem_conj AOT_sem_imp AOT_sem_eq AOT_sem_not AOT_sem_denotes AOT_model_id_def) (* NOTE: semantics needed *)
84AOT_axiom "df-rules-terms[2]":
85  assumes τ =df σ
86  shows (σ  τ = σ) & (¬σ  ¬τ)
87  by (metis "df-rules-terms[1]" case_unit_Unity assms)
88(* NOTE: for convenience also state the above as regular theorems *)
89AOT_theorem "df-rules-terms[3]":
90  assumes τ{α1...αn} =df σ{α1...αn}
91  shows (σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}) & (¬σ{τ1...τn}  ¬τ{τ1...τn})
92  using "df-rules-terms[1]"[axiom_inst, OF assms].
93AOT_theorem "df-rules-terms[4]":
94  assumes τ =df σ
95  shows (σ  τ = σ) & (¬σ  ¬τ)
96  using "df-rules-terms[2]"[axiom_inst, OF assms].
97
98
99AOT_theorem "if-p-then-p": φ  φ
100  by (meson "pl:1"[axiom_inst] "pl:2"[axiom_inst] MP)
101
102AOT_theorem "deduction-theorem": assumes φ  ψ shows φ  ψ
103  using assms by (simp add: AOT_sem_imp) (* NOTE: semantics needed *)
104lemmas CP = "deduction-theorem"
105lemmas "→I" = "deduction-theorem"
106
107AOT_theorem "ded-thm-cor:1": assumes Γ1  φ  ψ and Γ2  ψ  χ shows Γ1, Γ2  φ  χ
108  using "→E" "→I" assms by blast
109AOT_theorem "ded-thm-cor:2": assumes Γ1  φ  (ψ  χ) and Γ2  ψ shows Γ1, Γ2  φ  χ
110  using "→E" "→I" assms by blast
111
112AOT_theorem "ded-thm-cor:3": assumes φ  ψ and ψ  χ shows φ  χ
113  using "→E" "→I" assms by blast
114declare "ded-thm-cor:3"[trans]
115AOT_theorem "ded-thm-cor:4": assumes φ  (ψ  χ) and ψ shows φ  χ
116  using "→E" "→I" assms by blast
117
118lemmas "Hypothetical Syllogism" = "ded-thm-cor:3"
119
120AOT_theorem "useful-tautologies:1": ¬¬φ  φ
121  by (metis "pl:3"[axiom_inst] "→I" "Hypothetical Syllogism")
122AOT_theorem "useful-tautologies:2": φ  ¬¬φ
123  by (metis "pl:3"[axiom_inst] "→I" "ded-thm-cor:4")
124AOT_theorem "useful-tautologies:3": ¬φ  (φ  ψ)
125  by (meson "ded-thm-cor:4" "pl:3"[axiom_inst] "→I")
126AOT_theorem "useful-tautologies:4": (¬ψ  ¬φ)  (φ  ψ)
127  by (meson "pl:3"[axiom_inst] "Hypothetical Syllogism" "→I")
128AOT_theorem "useful-tautologies:5": (φ  ψ)  (¬ψ  ¬φ)
129  by (metis "useful-tautologies:4" "Hypothetical Syllogism" "→I")
130
131AOT_theorem "useful-tautologies:6": (φ  ¬ψ)  (ψ  ¬φ)
132  by (metis "→I" MP "useful-tautologies:4")
133
134AOT_theorem "useful-tautologies:7": (¬φ  ψ)  (¬ψ  φ)
135  by (metis "→I" MP "useful-tautologies:3" "useful-tautologies:5")
136
137AOT_theorem "useful-tautologies:8": φ  (¬ψ  ¬(φ  ψ))
138  by (metis "→I" MP "useful-tautologies:5")
139
140AOT_theorem "useful-tautologies:9": (φ  ψ)  ((¬φ  ψ)  ψ)
141  by (metis "→I" MP "useful-tautologies:6")
142
143AOT_theorem "useful-tautologies:10": (φ  ¬ψ)  ((φ  ψ)  ¬φ)
144  by (metis "→I" MP "pl:3"[axiom_inst])
145
146AOT_theorem "dn-i-e:1": assumes φ shows ¬¬φ
147  using MP "useful-tautologies:2" assms by blast
148lemmas "¬¬I" = "dn-i-e:1"
149AOT_theorem "dn-i-e:2": assumes ¬¬φ shows φ
150  using MP "useful-tautologies:1" assms by blast
151lemmas "¬¬E" = "dn-i-e:2"
152
153AOT_theorem "modus-tollens:1": assumes φ  ψ and ¬ψ shows ¬φ
154  using MP "useful-tautologies:5" assms by blast
155AOT_theorem "modus-tollens:2": assumes φ  ¬ψ and ψ shows ¬φ
156  using "¬¬I" "modus-tollens:1" assms by blast
157lemmas MT = "modus-tollens:1" "modus-tollens:2"
158
159AOT_theorem "contraposition:1[1]": assumes φ  ψ shows ¬ψ  ¬φ
160  using "→I" MT(1) assms by blast
161AOT_theorem "contraposition:1[2]": assumes ¬ψ  ¬φ shows φ  ψ
162  using "→I" "¬¬E" MT(2) assms by blast
163
164AOT_theorem "contraposition:2": assumes φ  ¬ψ shows ψ  ¬φ
165  using "→I" MT(2) assms by blast
166
167(* TODO: this is actually a mixture of the two variants given in PLM; adjust. *)
168AOT_theorem "reductio-aa:1":
169  assumes ¬φ  ¬ψ and ¬φ  ψ shows φ
170  using "→I" "¬¬E" MT(2) assms by blast
171AOT_theorem "reductio-aa:2":
172  assumes φ  ¬ψ and φ  ψ shows ¬φ
173  using "reductio-aa:1" assms by blast
174lemmas "RAA" = "reductio-aa:1" "reductio-aa:2"
175
176AOT_theorem "exc-mid": φ  ¬φ
177  using "df-rules-formulas[4]" "if-p-then-p" MP "conventions:2" by blast
178
179AOT_theorem "non-contradiction": ¬(φ & ¬φ)
180  using "df-rules-formulas[3]" MT(2) "useful-tautologies:2" "conventions:1" by blast
181
182AOT_theorem "con-dis-taut:1": (φ & ψ)  φ
183  by (meson "→I" "df-rules-formulas[3]" MP RAA(1) "conventions:1")
184AOT_theorem "con-dis-taut:2": (φ & ψ)  ψ
185  by (metis "→I" "df-rules-formulas[3]" MT(2) RAA(2) "¬¬E" "conventions:1")
186lemmas "Conjunction Simplification" = "con-dis-taut:1" "con-dis-taut:2"
187
188AOT_theorem "con-dis-taut:3": φ  (φ  ψ)
189  by (meson "contraposition:1[2]" "df-rules-formulas[4]" MP "→I" "conventions:2")
190AOT_theorem "con-dis-taut:4": ψ  (φ  ψ)
191  using "Hypothetical Syllogism" "df-rules-formulas[4]" "pl:1"[axiom_inst] "conventions:2" by blast
192lemmas "Disjunction Addition" = "con-dis-taut:3" "con-dis-taut:4"
193
194AOT_theorem "con-dis-taut:5": φ  (ψ  (φ & ψ))
195  by (metis "contraposition:2" "Hypothetical Syllogism" "→I" "df-rules-formulas[4]" "conventions:1")
196lemmas Adjunction = "con-dis-taut:5"
197
198AOT_theorem "con-dis-taut:6": (φ & φ)  φ
199  by (metis Adjunction "→I" "df-rules-formulas[4]" MP "Conjunction Simplification"(1) "conventions:3")
200lemmas "Idempotence of &" = "con-dis-taut:6"
201
202AOT_theorem "con-dis-taut:7": (φ  φ)  φ
203proof -
204  {
205    AOT_assume φ  φ
206    AOT_hence ¬φ  φ
207      using "conventions:2"[THEN "df-rules-formulas[3]"] MP by blast
208    AOT_hence φ using "if-p-then-p" RAA(1) MP by blast
209  }
210  moreover {
211    AOT_assume φ
212    AOT_hence φ  φ using "Disjunction Addition"(1) MP by blast
213  }
214  ultimately AOT_show (φ  φ)  φ
215    using "conventions:3"[THEN "df-rules-formulas[4]"] MP
216    by (metis Adjunction "→I")
217qed
218lemmas "Idempotence of ∨" = "con-dis-taut:7"
219
220
221AOT_theorem "con-dis-i-e:1": assumes φ and ψ shows φ & ψ
222  using Adjunction MP assms by blast
223lemmas "&I" = "con-dis-i-e:1"
224
225AOT_theorem "con-dis-i-e:2:a": assumes φ & ψ shows φ
226  using "Conjunction Simplification"(1) MP assms by blast
227AOT_theorem "con-dis-i-e:2:b": assumes φ & ψ shows ψ
228  using "Conjunction Simplification"(2) MP assms by blast
229lemmas "&E" = "con-dis-i-e:2:a" "con-dis-i-e:2:b"
230
231AOT_theorem "con-dis-i-e:3:a": assumes φ shows φ  ψ
232  using "Disjunction Addition"(1) MP assms by blast
233AOT_theorem "con-dis-i-e:3:b": assumes ψ shows φ  ψ
234  using "Disjunction Addition"(2) MP assms by blast
235AOT_theorem "con-dis-i-e:3:c": assumes φ  ψ and φ  χ and ψ  Θ shows χ  Θ
236  by (metis "con-dis-i-e:3:a" "Disjunction Addition"(2) "df-rules-formulas[3]" MT(1) RAA(1) "conventions:2" assms)
237lemmas "∨I" = "con-dis-i-e:3:a" "con-dis-i-e:3:b" "con-dis-i-e:3:c"
238
239AOT_theorem "con-dis-i-e:4:a": assumes φ  ψ and φ  χ and ψ  χ shows χ
240  by (metis MP RAA(2) "df-rules-formulas[3]" "conventions:2" assms)
241AOT_theorem "con-dis-i-e:4:b": assumes φ  ψ and ¬φ shows ψ
242  using "con-dis-i-e:4:a" RAA(1) "→I" assms by blast
243AOT_theorem "con-dis-i-e:4:c": assumes φ  ψ and ¬ψ shows φ
244  using "con-dis-i-e:4:a" RAA(1) "→I" assms by blast
245lemmas "∨E" = "con-dis-i-e:4:a" "con-dis-i-e:4:b" "con-dis-i-e:4:c"
246
247AOT_theorem "raa-cor:1": assumes ¬φ  ψ & ¬ψ shows φ
248  using "&E" "∨E"(3) "∨I"(2) RAA(2) assms by blast
249AOT_theorem "raa-cor:2": assumes φ  ψ & ¬ψ shows ¬φ
250  using "raa-cor:1" assms by blast
251AOT_theorem "raa-cor:3": assumes φ and ¬ψ  ¬φ shows ψ
252  using RAA assms by blast
253AOT_theorem "raa-cor:4": assumes ¬φ and ¬ψ  φ shows ψ
254  using RAA assms by blast
255AOT_theorem "raa-cor:5": assumes φ and ψ  ¬φ shows ¬ψ
256  using RAA assms by blast
257AOT_theorem "raa-cor:6": assumes ¬φ and ψ  φ shows ¬ψ
258  using RAA assms by blast
259
260(* TODO: note these need manual introduction rules *)
261AOT_theorem "oth-class-taut:1:a": (φ  ψ)  ¬(φ & ¬ψ)
262  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
263     (metis "&E" "&I" "raa-cor:3" "→I" MP)
264AOT_theorem "oth-class-taut:1:b": ¬(φ  ψ)  (φ & ¬ψ)
265  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
266     (metis "&E" "&I" "raa-cor:3" "→I" MP)
267AOT_theorem "oth-class-taut:1:c": (φ  ψ)  (¬φ  ψ)
268  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
269     (metis "&I" "∨I"(1, 2) "∨E"(3) "→I" MP "raa-cor:1")
270
271AOT_theorem "oth-class-taut:2:a": (φ & ψ)  (ψ & φ)
272  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
273     (meson "&I" "&E" "→I")
274lemmas "Commutativity of &" = "oth-class-taut:2:a"
275AOT_theorem "oth-class-taut:2:b": (φ & (ψ & χ))  ((φ & ψ) & χ)
276  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
277     (metis "&I" "&E" "→I")
278lemmas "Associativity of &" = "oth-class-taut:2:b"
279AOT_theorem "oth-class-taut:2:c": (φ  ψ)  (ψ  φ)
280  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
281     (metis "&I" "∨I"(1, 2) "∨E"(1) "→I")
282lemmas "Commutativity of ∨" = "oth-class-taut:2:c"
283AOT_theorem "oth-class-taut:2:d": (φ  (ψ  χ))  ((φ  ψ)  χ)
284  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
285     (metis "&I" "∨I"(1, 2) "∨E"(1) "→I")
286lemmas "Associativity of ∨" = "oth-class-taut:2:d"
287AOT_theorem "oth-class-taut:2:e": (φ  ψ)  (ψ  φ)
288  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]; rule "&I";
289      metis "&I" "df-rules-formulas[4]" "conventions:3" "&E" "Hypothetical Syllogism" "→I" "df-rules-formulas[3]")
290lemmas "Commutativity of ≡" = "oth-class-taut:2:e"
291AOT_theorem "oth-class-taut:2:f": (φ  (ψ  χ))  ((φ  ψ)  χ)
292  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
293        "→I" "→E" "&E" "&I"
294  by metis
295lemmas "Associativity of ≡" = "oth-class-taut:2:f"
296
297AOT_theorem "oth-class-taut:3:a": φ  φ
298  using "&I" "vdash-properties:6" "if-p-then-p" "df-rules-formulas[4]" "conventions:3" by blast
299AOT_theorem "oth-class-taut:3:b": φ  ¬¬φ
300  using "&I" "useful-tautologies:1" "useful-tautologies:2" "vdash-properties:6" "df-rules-formulas[4]" "conventions:3" by blast
301AOT_theorem "oth-class-taut:3:c": ¬(φ  ¬φ)
302  by (metis "&E" "→E" RAA "df-rules-formulas[3]" "conventions:3")
303
304AOT_theorem "oth-class-taut:4:a": (φ  ψ)  ((ψ  χ)  (φ  χ))
305  by (metis "→E" "→I")
306AOT_theorem "oth-class-taut:4:b": (φ  ψ)  (¬φ  ¬ψ)
307  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
308        "→I" "→E" "&E" "&I" RAA by metis
309AOT_theorem "oth-class-taut:4:c": (φ  ψ)  ((φ  χ)  (ψ  χ))
310  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
311        "→I" "→E" "&E" "&I" by metis
312AOT_theorem "oth-class-taut:4:d": (φ  ψ)  ((χ  φ)  (χ  ψ))
313  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
314        "→I" "→E" "&E" "&I" by metis
315AOT_theorem "oth-class-taut:4:e": (φ  ψ)  ((φ & χ)  (ψ & χ))
316  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
317        "→I" "→E" "&E" "&I" by metis
318AOT_theorem "oth-class-taut:4:f": (φ  ψ)  ((χ & φ)  (χ & ψ))
319  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
320        "→I" "→E" "&E" "&I" by metis
321(* TODO: nicer proof *)
322AOT_theorem "oth-class-taut:4:g": (φ  ψ)  ((φ & ψ)  (¬φ & ¬ψ))
323  apply (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]; rule "&I"; rule "→I")
324   apply (drule "conventions:3"[THEN "df-rules-formulas[3]", THEN "→E"])
325   apply (metis "&I" "&E" "∨I"(1,2) MT(1) "raa-cor:3")
326  apply (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]; rule "&I"; rule "→I")
327  using "&E" "∨E"(2) "raa-cor:3" by blast+
328AOT_theorem "oth-class-taut:4:h": ¬(φ  ψ)  ((φ & ¬ψ)  (¬φ & ψ))
329  apply (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]; rule "&I"; rule "→I")
330  apply (metis "&I" "∨I"(1, 2) "→I" MT(1) "df-rules-formulas[4]" "raa-cor:3" "conventions:3")
331  by (metis "&E" "∨E"(2) "→E" "df-rules-formulas[3]" "raa-cor:3" "conventions:3")
332AOT_theorem "oth-class-taut:5:a": (φ & ψ)  ¬(¬φ  ¬ψ)
333  using "conventions:3"[THEN "df-rules-formulas[4]"]
334        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
335AOT_theorem "oth-class-taut:5:b": (φ  ψ)  ¬(¬φ & ¬ψ)
336  using "conventions:3"[THEN "df-rules-formulas[4]"]
337        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
338AOT_theorem "oth-class-taut:5:c": ¬(φ & ψ)  (¬φ  ¬ψ)
339  using "conventions:3"[THEN "df-rules-formulas[4]"]
340        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
341AOT_theorem "oth-class-taut:5:d": ¬(φ  ψ)  (¬φ & ¬ψ)
342  using "conventions:3"[THEN "df-rules-formulas[4]"]
343        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
344
345lemmas DeMorgan = "oth-class-taut:5:c" "oth-class-taut:5:d"
346
347AOT_theorem "oth-class-taut:6:a": (φ & (ψ  χ))  ((φ & ψ)  (φ & χ))
348  using "conventions:3"[THEN "df-rules-formulas[4]"]
349        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
350AOT_theorem "oth-class-taut:6:b": (φ  (ψ & χ))  ((φ  ψ) & (φ  χ))
351  using "conventions:3"[THEN "df-rules-formulas[4]"]
352        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
353
354AOT_theorem "oth-class-taut:7:a": ((φ & ψ)  χ)  (φ  (ψ  χ))
355  by (metis "&I" "→E" "→I")
356lemmas Exportation = "oth-class-taut:7:a"
357AOT_theorem "oth-class-taut:7:b": (φ  (ψ χ))  ((φ & ψ)  χ)
358  by (metis "&E" "→E" "→I")
359lemmas Importation = "oth-class-taut:7:b"
360
361AOT_theorem "oth-class-taut:8:a": (φ  (ψ  χ))  (ψ  (φ  χ))
362  using "conventions:3"[THEN "df-rules-formulas[4]"] "→I" "→E" "&E" "&I" by metis
363lemmas Permutation = "oth-class-taut:8:a"
364AOT_theorem "oth-class-taut:8:b": (φ  ψ)  ((φ  χ)  (φ  (ψ & χ)))
365  by (metis "&I" "→E" "→I")
366lemmas Composition = "oth-class-taut:8:b"
367AOT_theorem "oth-class-taut:8:c": (φ  χ)  ((ψ  χ)  ((φ  ψ)  χ))
368  by (metis "∨E"(2) "→E" "→I" RAA(1))
369AOT_theorem "oth-class-taut:8:d": ((φ  ψ) & (χ  Θ))  ((φ & χ)  (ψ & Θ))
370  by (metis "&E" "&I" "→E" "→I")
371lemmas "Double Composition" = "oth-class-taut:8:d"
372AOT_theorem "oth-class-taut:8:e": ((φ & ψ)  (φ & χ))  (φ  (ψ  χ))
373  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
374            "→I" "→E" "&E" "&I")
375AOT_theorem "oth-class-taut:8:f": ((φ & ψ)  (χ & ψ))  (ψ  (φ  χ))
376  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
377            "→I" "→E" "&E" "&I")
378AOT_theorem "oth-class-taut:8:g": (ψ  χ)  ((φ  ψ)  (φ  χ))
379  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
380            "→I" "→E" "&E" "&I" "∨I" "∨E"(1))
381AOT_theorem "oth-class-taut:8:h": (ψ  χ)  ((ψ  φ)  (χ  φ))
382  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
383            "→I" "→E" "&E" "&I" "∨I" "∨E"(1))
384AOT_theorem "oth-class-taut:8:i": (φ  (ψ & χ))  (ψ  (φ  χ))
385  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
386            "→I" "→E" "&E" "&I")
387
388AOT_theorem "intro-elim:1": assumes φ  ψ and φ  χ and ψ  Θ shows χ  Θ
389  by (metis assms "∨I"(1, 2) "∨E"(1) "conventions:3"[THEN "df-rules-formulas[3]"] "→I" "→E" "&E"(1))
390
391AOT_theorem "intro-elim:2": assumes φ  ψ and ψ  φ shows φ  ψ
392  by (meson "&I" "conventions:3" "df-rules-formulas[4]" MP assms)
393lemmas "≡I" = "intro-elim:2"
394
395AOT_theorem "intro-elim:3:a": assumes φ  ψ and φ shows ψ
396  by (metis "∨I"(1) "→I" "∨E"(1) "intro-elim:1" assms)
397AOT_theorem "intro-elim:3:b": assumes φ  ψ and ψ shows φ
398  using "intro-elim:3:a" "Commutativity of ≡" assms by blast
399AOT_theorem "intro-elim:3:c": assumes φ  ψ and ¬φ shows ¬ψ
400  using "intro-elim:3:b" "raa-cor:3" assms by blast
401AOT_theorem "intro-elim:3:d": assumes φ  ψ and ¬ψ shows ¬φ
402  using "intro-elim:3:a" "raa-cor:3" assms by blast
403AOT_theorem "intro-elim:3:e": assumes φ  ψ and ψ  χ shows φ  χ
404  by (metis "≡I" "→I" "intro-elim:3:a" "intro-elim:3:b" assms)
405declare "intro-elim:3:e"[trans]
406AOT_theorem "intro-elim:3:f": assumes φ  ψ and φ  χ shows χ  ψ
407  by (metis "≡I" "→I" "intro-elim:3:a" "intro-elim:3:b" assms)
408lemmas "≡E" = "intro-elim:3:a" "intro-elim:3:b" "intro-elim:3:c" "intro-elim:3:d" "intro-elim:3:e" "intro-elim:3:f"
409
410declare "Commutativity of ≡"[THEN "≡E"(1), sym]
411
412AOT_theorem "rule-eq-df:1": assumes φ df ψ shows φ  ψ
413  by (simp add: "≡I" "df-rules-formulas[3]" "df-rules-formulas[4]" assms)
414lemmas "≡Df" = "rule-eq-df:1"
415AOT_theorem "rule-eq-df:2": assumes φ df ψ and φ shows ψ
416  using "≡Df" "≡E"(1) assms by blast
417lemmas "≡dfE" = "rule-eq-df:2"
418AOT_theorem "rule-eq-df:3": assumes φ df ψ and ψ shows φ
419  using "≡Df" "≡E"(2) assms by blast
420lemmas "≡dfI" = "rule-eq-df:3"
421
422AOT_theorem  "df-simplify:1": assumes φ  (ψ & χ) and ψ shows φ  χ
423  by (metis "&E"(2) "&I" "≡E"(1, 2) "≡I" "→I" assms)
424(* TODO: this is a slight variation from PLM *)
425AOT_theorem  "df-simplify:2": assumes φ  (ψ & χ) and χ shows φ  ψ
426  by (metis "&E"(1) "&I" "≡E"(1, 2) "≡I" "→I" assms)
427lemmas "≡S" = "df-simplify:1"  "df-simplify:2"
428
429AOT_theorem "rule-ui:1": assumes α φ{α} and τ shows φ{τ}
430  using "→E" "cqt:1"[axiom_inst] assms by blast
431AOT_theorem "rule-ui:2[const_var]": assumes α φ{α} shows φ{β}
432  by (simp add: "rule-ui:1" "cqt:2[const_var]"[axiom_inst] assms)
433(* TODO: precise proviso in PLM *)
434AOT_theorem "rule-ui:2[lambda]":
435  assumes F φ{F} and INSTANCE_OF_CQT_2(ψ)
436  shows φ{ν1...νn ψ{ν1...νn}]}
437  by (simp add: "rule-ui:1" "cqt:2[lambda]"[axiom_inst] assms)
438AOT_theorem "rule-ui:3": assumes α φ{α} shows φ{α}
439  by (simp add: "rule-ui:2[const_var]" assms)
440lemmas "∀E" = "rule-ui:1" "rule-ui:2[const_var]" "rule-ui:2[lambda]" "rule-ui:3"
441
442AOT_theorem "cqt-orig:1[const_var]": α φ{α}  φ{β} by (simp add: "∀E"(2) "→I")
443AOT_theorem "cqt-orig:1[lambda]":
444  assumes INSTANCE_OF_CQT_2(ψ)
445  shows F φ{F}  φ{ν1...νn ψ{ν1...νn}]}
446  by (simp add: "∀E"(3) "→I" assms)
447AOT_theorem "cqt-orig:2": α (φ  ψ{α})  (φ  α ψ{α})
448  by (metis "→I" GEN "vdash-properties:6" "∀E"(4))
449AOT_theorem "cqt-orig:3": α φ{α}  φ{α} using "cqt-orig:1[const_var]" .
450
451(* TODO: work out difference to GEN *)
452AOT_theorem universal: assumes for arbitrary β: φ{β} shows α φ{α}
453  using GEN assms .
454lemmas "∀I" = universal
455
456(* Generalized mechanism for "∀I" followed by ∀E *)
457ML458fun get_instantiated_allI ctxt varname thm = let
459val trm = Thm.concl_of thm
460val trm = case trm of (@{const Trueprop} $ (@{const AOT_model_valid_in} $ _ $ x)) => x
461                      | _ => raise Term.TERM ("Expected simple theorem.", [trm])
462fun extractVars (Const (const_name‹AOT_term_of_var›, _) $ Var v) =
463    (if fst (fst v) = fst varname then [Var v] else []) (* TODO: care about the index? *)
464  | extractVars (t1 $ t2) = extractVars t1 @ extractVars t2
465  | extractVars (Abs (_, _, t)) = extractVars t
466  | extractVars _ = []
467val vars = extractVars trm
468val vars = fold Term.add_vars vars []
469val var = hd vars
470val trmty = case (snd var) of (Type (type_name‹AOT_var›, [t])) => (t)
471              | _ => raise Term.TYPE ("Expected variable type.", [snd var], [Var var])
472val trm = Abs (Term.string_of_vname (fst var), trmty, Term.abstract_over (
473      Const (const_name‹AOT_term_of_var›, Type ("fun", [snd var, trmty]))
474       $ Var var, trm))
475val trm = Thm.cterm_of (Context.proof_of ctxt) trm
476val ty = hd (Term.add_tvars (Thm.prop_of @{thm "∀I"}) [])
477val typ = Thm.ctyp_of (Context.proof_of ctxt) trmty
478val allthm = Drule.instantiate_normalize ([(ty, typ)],[]) @{thm "∀I"}
479val phi = hd (Term.add_vars (Thm.prop_of allthm) [])
480val allthm = Drule.instantiate_normalize ([],[(phi,trm)]) allthm
481in
482allthm
483end
484
485
486attribute_setup "∀I" =
487  ‹Scan.lift (Scan.repeat1 Args.var) >> (fn args => Thm.rule_attribute []
488  (fn ctxt => fn thm => fold (fn arg => fn thm => thm RS get_instantiated_allI ctxt arg thm) args thm))
489  "Quantify over a variable in a theorem using GEN."
490
491attribute_setup "unvarify" =
492  ‹Scan.lift (Scan.repeat1 Args.var) >> (fn args => Thm.rule_attribute []
493  (fn ctxt => fn thm =>
494    let
495    val thm = fold (fn arg => fn thm => thm RS get_instantiated_allI ctxt arg thm) args thm
496    val thm = fold (fn _ => fn thm => thm RS @{thm "∀E"(1)}) args thm
497    in
498     thm
499    end))
500  "Generalize a statement about variables to a statement about denoting terms."
501
502(* TODO: rereplace-lem does not apply to the embedding *)
503
504AOT_theorem "cqt-basic:1": αβ φ{α,β}  βα φ{α,β}
505  by (metis "≡I" "∀E"(2) "∀I" "→I")
506
507AOT_theorem "cqt-basic:2": α(φ{α}  ψ{α})  (α(φ{α}  ψ{α}) & α(ψ{α}  φ{α}))
508proof (rule "≡I"; rule "→I")
509  AOT_assume α(φ{α}  ψ{α})
510  AOT_hence φ{α}  ψ{α} for α using "∀E"(2) by blast
511  AOT_hence φ{α}  ψ{α} and ψ{α}  φ{α} for α
512    using "≡E"(1,2) "→I" by blast+
513  AOT_thus α(φ{α}  ψ{α}) & α(ψ{α}  φ{α})
514    by (auto intro: "&I" "∀I")
515next
516  AOT_assume α(φ{α}  ψ{α}) & α(ψ{α}  φ{α})
517  AOT_hence φ{α}  ψ{α} and ψ{α}  φ{α} for α
518    using "∀E"(2) "&E" by blast+
519  AOT_hence φ{α}  ψ{α} for α
520    using "≡I" by blast
521  AOT_thus α(φ{α}  ψ{α}) by (auto intro: "∀I")
522qed
523
524AOT_theorem "cqt-basic:3": α(φ{α}  ψ{α})  (α φ{α}  α ψ{α})
525proof(rule "→I")
526  AOT_assume α(φ{α}  ψ{α})
527  AOT_hence 1: φ{α}  ψ{α} for α using "∀E"(2) by blast
528  {
529    AOT_assume α φ{α}
530    AOT_hence α ψ{α} using 1 "∀I" "∀E"(4) "≡E" by metis
531  }
532  moreover {
533    AOT_assume α ψ{α}
534    AOT_hence α φ{α} using 1 "∀I" "∀E"(4) "≡E" by metis
535  }
536  ultimately AOT_show α φ{α}  α ψ{α}
537    using "≡I" "→I" by auto
538qed
539
540AOT_theorem "cqt-basic:4": α(φ{α} & ψ{α})  (α φ{α} & α ψ{α})
541proof(rule "→I")
542  AOT_assume 0: α(φ{α} & ψ{α})
543  AOT_have φ{α} and ψ{α} for α using "∀E"(2) 0 "&E" by blast+
544  AOT_thus α φ{α} & α ψ{α}
545    by (auto intro: "∀I" "&I")
546qed
547
548AOT_theorem "cqt-basic:5": (α1...∀αn(φ{α1...αn}))  φ{α1...αn}
549  using "cqt-orig:3" by blast
550
551AOT_theorem "cqt-basic:6": αα φ{α}  α φ{α}
552  by (meson "≡I" "→I" GEN "cqt-orig:1[const_var]")
553
554AOT_theorem "cqt-basic:7": (φ  α ψ{α})  α(φ  ψ{α})
555  by (metis "→I" "vdash-properties:6" "rule-ui:3" "≡I" GEN)
556
557AOT_theorem "cqt-basic:8": (α φ{α}  α ψ{α})  α (φ{α}  ψ{α})
558  by (simp add: "∨I"(3) "→I" GEN "cqt-orig:1[const_var]")
559
560AOT_theorem "cqt-basic:9": (α (φ{α}  ψ{α}) & α (ψ{α}  χ{α}))  α(φ{α}  χ{α})
561proof -
562  {
563    AOT_assume α (φ{α}  ψ{α})
564    moreover AOT_assume α (ψ{α}  χ{α})
565    ultimately AOT_have φ{α}  ψ{α} and ψ{α}  χ{α} for α using "∀E" by blast+
566    AOT_hence φ{α}  χ{α} for α by (metis "→E" "→I")
567    AOT_hence α(φ{α}  χ{α}) using "∀I" by fast
568  }
569  thus ?thesis using "&I" "→I" "&E" by meson
570qed
571
572AOT_theorem "cqt-basic:10": (α(φ{α}  ψ{α}) & α(ψ{α}  χ{α}))  α (φ{α}  χ{α})
573proof(rule "→I"; rule "∀I")
574  fix β
575  AOT_assume α(φ{α}  ψ{α}) & α(ψ{α}  χ{α})
576  AOT_hence φ{β}  ψ{β} and ψ{β}  χ{β} using "&E" "∀E" by blast+
577  AOT_thus φ{β}  χ{β} using "≡I" "≡E" by blast
578qed
579
580AOT_theorem "cqt-basic:11": α(φ{α}  ψ{α})  α (ψ{α}  φ{α})
581proof (rule "≡I"; rule "→I")
582  AOT_assume 0: α(φ{α}  ψ{α})
583  {
584    fix α
585    AOT_have φ{α}  ψ{α} using 0 "∀E" by blast
586    AOT_hence ψ{α}  φ{α} using "≡I" "≡E" "→I" "→E" by metis
587  }
588  AOT_thus α(ψ{α}  φ{α}) using "∀I" by fast
589next
590  AOT_assume 0: α(ψ{α}  φ{α})
591  {
592    fix α
593    AOT_have ψ{α}  φ{α} using 0 "∀E" by blast
594    AOT_hence φ{α}  ψ{α} using "≡I" "≡E" "→I" "→E" by metis
595  }
596  AOT_thus α(φ{α}  ψ{α}) using "∀I" by fast
597qed
598
599AOT_theorem "cqt-basic:12": α φ{α}  α (ψ{α}  φ{α})
600  by (simp add: "∀E"(2) "→I" GEN)
601
602AOT_theorem "cqt-basic:13": α φ{α}  β φ{β}
603  using "≡I" "→I" by blast
604
605AOT_theorem "cqt-basic:14": (α1...∀αn (φ{α1...αn}  ψ{α1...αn}))  ((α1...∀αn φ{α1...αn})  (α1...∀αn ψ{α1...αn}))
606  using "cqt:3"[axiom_inst] by auto
607
608AOT_theorem "cqt-basic:15": (α1...∀αn (φ  ψ{α1...αn}))  (φ  (α1...∀αn ψ{α1...αn}))
609  using "cqt-orig:2" by auto
610
611(* TODO: once more the same in the embedding... need to distinguish these better *)
612AOT_theorem "universal-cor": assumes for arbitrary β: φ{β}  shows α φ{α}
613  using GEN assms .
614
615AOT_theorem "existential:1": assumes φ{τ} and τ shows α φ{α}
616proof(rule "raa-cor:1")
617  AOT_assume ¬α φ{α}
618  AOT_hence α ¬φ{α}
619    using "≡dfI" "conventions:4" RAA "&I" by blast
620  AOT_hence ¬φ{τ} using assms(2) "∀E"(1) "→E" by blast
621  AOT_thus φ{τ} & ¬φ{τ} using assms(1) "&I" by blast
622qed
623
624AOT_theorem "existential:2[const_var]": assumes φ{β} shows α φ{α}
625  using "existential:1" "cqt:2[const_var]"[axiom_inst] assms by blast
626
627AOT_theorem "existential:2[lambda]":
628  assumes φ{ν1...νn ψ{ν1...νn}]} and INSTANCE_OF_CQT_2(ψ)
629  shows α φ{α}
630  using "existential:1" "cqt:2[lambda]"[axiom_inst] assms by blast
631lemmas "∃I" = "existential:1" "existential:2[const_var]" "existential:2[lambda]" 
632
633AOT_theorem "instantiation":
634  assumes for arbitrary β: φ{β}  ψ and α φ{α}
635  shows ψ
636  by (metis (no_types, lifting) "≡dfE" GEN "raa-cor:3" "conventions:4" assms)
637lemmas "∃E" = "instantiation"
638
639AOT_theorem "cqt-further:1": α φ{α}  α φ{α}
640  using "∀E"(4) "∃I"(2) "→I" by metis
641
642AOT_theorem "cqt-further:2": ¬α φ{α}  α ¬φ{α}
643  using "∀I" "∃I"(2) "→I" RAA by metis
644
645AOT_theorem "cqt-further:3": α φ{α}  ¬α ¬φ{α}
646  using "∀E"(4) "∃E" "→I" RAA
647  by (metis "cqt-further:2" "≡I" "modus-tollens:1")
648
649AOT_theorem "cqt-further:4": ¬α φ{α}  α ¬φ{α}
650  using "∀I" "∃I"(2)"→I" RAA by metis
651
652AOT_theorem "cqt-further:5": α (φ{α} & ψ{α})  (α φ{α} & α ψ{α})
653  by (metis (no_types, lifting) "&E" "&I" "∃E" "∃I"(2) "→I")
654
655AOT_theorem "cqt-further:6": α (φ{α}  ψ{α})  (α φ{α}  α ψ{α})
656  by (metis (mono_tags, lifting) "∃E" "∃I"(2) "∨E"(3) "∨I"(1, 2) "→I" RAA(2))
657
658AOT_theorem "cqt-further:7": α φ{α}  β φ{β} (* TODO: vacuous in the embedding *)
659  by (simp add: "oth-class-taut:3:a")
660
661AOT_theorem "cqt-further:8": (α φ{α} & α ψ{α})  α (φ{α}  ψ{α})
662  by (metis (mono_tags, lifting) "&E" "≡I" "∀E"(2) "→I" GEN)
663
664AOT_theorem "cqt-further:9": (¬α φ{α} & ¬α ψ{α})  α (φ{α}  ψ{α})
665  by (metis (mono_tags, lifting) "&E" "≡I" "∃I"(2) "→I" GEN "raa-cor:4")
666
667AOT_theorem "cqt-further:10": (α φ{α} & ¬α ψ{α})  ¬α (φ{α}  ψ{α})
668proof(rule "→I"; rule "raa-cor:2")
669  AOT_assume 0: α φ{α} & ¬α ψ{α}
670  then AOT_obtain α where φ{α} using "∃E" "&E"(1) by metis
671  moreover AOT_assume α (φ{α}  ψ{α})
672  ultimately AOT_have ψ{α} using "∀E"(4) "≡E"(1) by blast
673  AOT_hence α ψ{α} using "∃I" by blast
674  AOT_thus α ψ{α} & ¬α ψ{α} using 0 "&E"(2) "&I" by blast
675qed
676
677AOT_theorem "cqt-further:11": αβ φ{α,β}  βα φ{α,β}
678  using "≡I" "→I" "∃I"(2) "∃E" by metis
679
680AOT_theorem "log-prop-prop:1":  φ]
681  using "cqt:2[lambda0]"[axiom_inst] by auto
682
683AOT_theorem "log-prop-prop:2": φ
684  by (rule "≡dfI"[OF "existence:3"]) "cqt:2[lambda]"
685
686AOT_theorem "exist-nec": τ  τ
687proof -
688  AOT_have β β
689    by (simp add: GEN RN "cqt:2[const_var]"[axiom_inst])
690  AOT_thus τ  τ
691    using "cqt:1"[axiom_inst] "→E" by blast
692qed
693
694(* TODO: replace this mechanism by a "proof by types" command *)
695class AOT_Term_id = AOT_Term +
696  assumes "t=t-proper:1"[AOT]: [v  τ = τ'  τ]
697      and "t=t-proper:2"[AOT]: [v  τ = τ'  τ']
698
699instance κ :: AOT_Term_id
700proof
701  AOT_modally_strict {
702    AOT_show κ = κ'  κ for κ κ'
703    proof(rule "→I")
704      AOT_assume κ = κ'
705      AOT_hence O!κ  A!κ
706        by (rule "∨I"(3)[OF "≡dfE"[OF "identity:1"]])
707           (meson "→I" "∨I"(1) "&E"(1))+
708      AOT_thus κ
709        by (rule "∨E"(1))
710           (metis "cqt:5:a"[axiom_inst] "→I" "→E" "&E"(2))+
711    qed
712  }
713next
714  AOT_modally_strict {
715    AOT_show κ = κ'  κ' for κ κ'
716    proof(rule "→I")
717      AOT_assume κ = κ'
718      AOT_hence O!κ'  A!κ'
719        by (rule "∨I"(3)[OF "≡dfE"[OF "identity:1"]])
720           (meson "→I" "∨I" "&E")+
721      AOT_thus κ'
722        by (rule "∨E"(1))
723           (metis "cqt:5:a"[axiom_inst] "→I" "→E" "&E"(2))+
724    qed
725  }
726qed
727
728instance rel :: (AOT_κs) AOT_Term_id
729proof
730  AOT_modally_strict {
731    AOT_show Π = Π'  Π for Π Π' :: <'a> (* TODO: how to get rid of the fixes? *)
732    proof(rule "→I")
733      AOT_assume Π = Π'
734      AOT_thus Π using "≡dfE"[OF "identity:3"[of Π Π']] "&E" by blast
735    qed
736  }
737next
738  AOT_modally_strict {
739    AOT_show Π = Π'  Π' for Π Π' :: <'a> (* TODO: how to get rid of the fixes? *)
740    proof(rule "→I")
741      AOT_assume Π = Π'
742      AOT_thus Π' using "≡dfE"[OF "identity:3"[of Π Π']] "&E" by blast
743    qed
744  }
745qed
746
747instance 𝗈 :: AOT_Term_id
748proof
749  AOT_modally_strict {
750    fix φ ψ
751    AOT_show φ = ψ  φ
752    proof(rule "→I")
753      AOT_assume φ = ψ
754      AOT_thus φ using "≡dfE"[OF "identity:4"[of φ ψ]] "&E" by blast
755    qed
756  }
757next
758  AOT_modally_strict {
759    fix φ ψ
760    AOT_show φ = ψ  ψ
761    proof(rule "→I")
762      AOT_assume φ = ψ
763      AOT_thus ψ using "≡dfE"[OF "identity:4"[of φ ψ]] "&E" by blast
764    qed
765  }
766qed
767
768instance prod :: (AOT_Term_id, AOT_Term_id) AOT_Term_id
769proof
770  AOT_modally_strict {
771    fix τ τ' :: 'a×'b
772    AOT_show τ = τ'  τ
773    proof (induct τ; induct τ'; rule "→I")
774      fix τ1 τ1' :: 'a and τ2  τ2' :: 'b
775      AOT_assume «(τ1, τ2)» = «(τ1', τ2')»
776      AOT_hence (τ1 = τ1') & (τ2 = τ2') by (metis "≡dfE" tuple_identity_1)
777      AOT_hence τ1 and τ2 using "t=t-proper:1" "&E" "vdash-properties:10" by blast+
778      AOT_thus «(τ1, τ2)» by (metis "≡dfI" "&I" tuple_denotes)
779    qed
780  }
781next
782  AOT_modally_strict {
783    fix τ τ' :: 'a×'b
784    AOT_show τ = τ'  τ'
785    proof (induct τ; induct τ'; rule "→I")
786      fix τ1 τ1' :: 'a and τ2  τ2' :: 'b
787      AOT_assume «(τ1, τ2)» = «(τ1', τ2')»
788      AOT_hence (τ1 = τ1') & (τ2 = τ2') by (metis "≡dfE" tuple_identity_1)
789      AOT_hence τ1' and τ2' using "t=t-proper:2" "&E" "vdash-properties:10" by blast+
790      AOT_thus «(τ1', τ2')» by (metis "≡dfI" "&I" tuple_denotes)
791    qed
792  }
793qed
794
795(* TODO: this is the end of the "proof by types" and makes the results available on new theorems *)
796AOT_register_type_constraints
797  Term: _::AOT_Term_id› _::AOT_Term_id›
798AOT_register_type_constraints
799  Individual: ‹κ› _::{AOT_κs, AOT_Term_id}
800AOT_register_type_constraints
801  Relation: <_::{AOT_κs, AOT_Term_id}>
802
803AOT_theorem "id-rel-nec-equiv:1": Π = Π'  x1...∀xn ([Π]x1...xn  [Π']x1...xn)
804proof(rule "→I")
805  AOT_assume assumption: Π = Π'
806  AOT_hence Π and Π'
807    using "t=t-proper:1" "t=t-proper:2" MP by blast+
808  moreover AOT_have FG (F = G  ((x1...∀xn ([F]x1...xn  [F]x1...xn))  x1...∀xn ([F]x1...xn  [G]x1...xn)))
809    apply (rule GEN)+ using "l-identity"[axiom_inst] by force
810  ultimately AOT_have Π = Π'  ((x1...∀xn ([Π]x1...xn  [Π]x1...xn))  x1...∀xn ([Π]x1...xn  [Π']x1...xn))
811    using "∀E"(1) by blast
812  AOT_hence (x1...∀xn ([Π]x1...xn  [Π]x1...xn))  x1...∀xn ([Π]x1...xn  [Π']x1...xn)
813    using assumption "→E" by blast
814  moreover AOT_have x1...∀xn ([Π]x1...xn  [Π]x1...xn)
815    by (simp add: RN "oth-class-taut:3:a" "universal-cor")
816  ultimately AOT_show x1...∀xn ([Π]x1...xn  [Π']x1...xn)
817    using "→E" by blast
818qed
819
820AOT_theorem "id-rel-nec-equiv:2": φ = ψ  (φ  ψ)
821proof(rule "→I")
822  AOT_assume assumption: φ = ψ
823  AOT_hence φ and ψ
824    using "t=t-proper:1" "t=t-proper:2" MP by blast+
825  moreover AOT_have pq (p = q  (((p  p)  (p  q))))
826    apply (rule GEN)+ using "l-identity"[axiom_inst] by force
827  ultimately AOT_have φ = ψ  ((φ  φ)  (φ  ψ))
828    using "∀E"(1) by blast
829  AOT_hence (φ  φ)  (φ  ψ)
830    using assumption "→E" by blast
831  moreover AOT_have (φ  φ)
832    by (simp add: RN "oth-class-taut:3:a" "universal-cor")
833  ultimately AOT_show (φ  ψ)
834    using "→E" by blast
835qed
836
837AOT_theorem "rule=E": assumes φ{τ} and τ = σ shows φ{σ}
838proof -
839  AOT_have τ and σ using assms(2) "t=t-proper:1" "t=t-proper:2" "→E" by blast+
840  moreover AOT_have αβ(α = β  (φ{α}  φ{β}))
841    apply (rule GEN)+ using "l-identity"[axiom_inst] by blast
842  ultimately AOT_have τ = σ  (φ{τ}  φ{σ})
843    using "∀E"(1) by blast
844  AOT_thus φ{σ} using assms "→E" by blast
845qed
846
847AOT_theorem "propositions-lemma:1":  φ] = φ
848proof -
849  AOT_have φ by (simp add: "log-prop-prop:2")
850  moreover AOT_have p  p] = p using "lambda-predicates:3[zero]"[axiom_inst] "∀I" by fast
851  ultimately AOT_show  φ] = φ
852    using "∀E" by blast
853qed
854
855AOT_theorem "propositions-lemma:2":  φ]  φ
856proof -
857  AOT_have  φ]   φ] by (simp add: "oth-class-taut:3:a")
858  AOT_thus  φ]  φ using "propositions-lemma:1" "rule=E" by blast
859qed
860
861(* propositions-lemma:3 through propositions-lemma:5 do not apply *)
862
863AOT_theorem "propositions-lemma:6": (φ  ψ)  ( φ]   ψ])
864  by (metis "≡E"(1) "≡E"(5) "Associativity of ≡" "propositions-lemma:2")
865
866(* dr-alphabetic-rules does not apply *)
867
868AOT_theorem "oa-exist:1": O!
869proof -
870  AOT_have x [E!]x] by "cqt:2[lambda]"
871  AOT_hence 1: O! = x [E!]x] using "df-rules-terms[4]"[OF "oa:1", THEN "&E"(1)] "→E" by blast
872  AOT_show O! using "t=t-proper:1"[THEN "→E", OF 1] by simp
873qed
874
875AOT_theorem "oa-exist:2": A!
876proof -
877  AOT_have x ¬[E!]x] by "cqt:2[lambda]"
878  AOT_hence 1: A! = x ¬[E!]x] using "df-rules-terms[4]"[OF "oa:2", THEN "&E"(1)] "→E" by blast
879  AOT_show A! using "t=t-proper:1"[THEN "→E", OF 1] by simp
880qed
881
882AOT_theorem "oa-exist:3": O!x  A!x
883proof(rule "raa-cor:1")
884  AOT_assume ¬(O!x  A!x)
885  AOT_hence A: ¬O!x and B: ¬A!x
886    using "Disjunction Addition"(1) "modus-tollens:1" "∨I"(2) "raa-cor:5" by blast+
887  AOT_have C: O! = x [E!]x]
888    by (rule "df-rules-terms[4]"[OF "oa:1", THEN "&E"(1), THEN "→E"]) "cqt:2[lambda]"
889  AOT_have D: A! = x ¬[E!]x]
890    by (rule "df-rules-terms[4]"[OF "oa:2", THEN "&E"(1), THEN "→E"]) "cqt:2[lambda]"
891  AOT_have E: ¬x [E!]x]x
892    using A C "rule=E" by fast
893  AOT_have F: ¬x ¬[E!]x]x
894    using B D "rule=E" by fast
895  AOT_have G: x [E!]x]x  [E!]x
896    by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2[lambda]"
897  AOT_have H: x ¬[E!]x]x  ¬[E!]x
898    by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2[lambda]"
899  AOT_show ¬[E!]x & ¬¬[E!]x using G E "≡E" H F "≡E" "&I" by metis
900qed
901
902AOT_theorem "p-identity-thm2:1": F = G  x(x[F]  x[G])
903proof -
904  AOT_have F = G  F & G & x(x[F]  x[G])
905    using "identity:2" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
906  moreover AOT_have F and G
907    by (auto simp: "cqt:2[const_var]"[axiom_inst])
908  ultimately AOT_show F = G  x(x[F]  x[G])
909    using "≡S"(1) "&I" by blast
910qed
911
912AOT_theorem "p-identity-thm2:2[2]": F = G  y1(x [F]xy1] = x [G]xy1] & x [F]y1x] = x [G]y1x])
913proof -
914  AOT_have F = G  F & G & y1(x [F]xy1] = x [G]xy1] & x [F]y1x] = x [G]y1x])
915    using "identity:3[2]" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
916  moreover AOT_have F and G
917    by (auto simp: "cqt:2[const_var]"[axiom_inst])
918  ultimately show ?thesis
919    using "≡S"(1) "&I" by blast
920qed
921    
922AOT_theorem "p-identity-thm2:2[3]": F = G  y1y2(x [F]xy1y2] = x [G]xy1y2] & x [F]y1xy2] = x [G]y1xy2] & x [F]y1y2x] = x [G]y1y2x])
923proof -
924  AOT_have F = G  F & G & y1y2(x [F]xy1y2] = x [G]xy1y2] & x [F]y1xy2] = x [G]y1xy2] & x [F]y1y2x] = x [G]y1y2x])
925    using "identity:3[3]" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
926  moreover AOT_have F and G
927    by (auto simp: "cqt:2[const_var]"[axiom_inst])
928  ultimately show ?thesis
929    using "≡S"(1) "&I" by blast
930qed
931
932AOT_theorem "p-identity-thm2:2[4]": F = G  y1y2y3(x [F]xy1y2y3] = x [G]xy1y2y3] & x [F]y1xy2y3] = x [G]y1xy2y3] & x [F]y1y2xy3] = x [G]y1y2xy3] & x [F]y1y2y3x] = x [G]y1y2y3x])
933proof -
934  AOT_have F = G  F & G & y1y2y3(x [F]xy1y2y3] = x [G]xy1y2y3] & x [F]y1xy2y3] = x [G]y1xy2y3] & x [F]y1y2xy3] = x [G]y1y2xy3] & x [F]y1y2y3x] = x [G]y1y2y3x])
935    using "identity:3[4]" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
936  moreover AOT_have F and G
937    by (auto simp: "cqt:2[const_var]"[axiom_inst])
938  ultimately show ?thesis
939    using "≡S"(1) "&I" by blast
940qed
941
942AOT_theorem "p-identity-thm2:2":
943  F = G  x1...∀xn «AOT_sem_proj_id x1xn (λ τ . «[F]τ») (λ τ . «[G]τ»)»
944proof -
945  AOT_have F = G  F & G & x1...∀xn «AOT_sem_proj_id x1xn (λ τ . «[F]τ») (λ τ . «[G]τ»)»
946    using "identity:3" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
947  moreover AOT_have F and G
948    by (auto simp: "cqt:2[const_var]"[axiom_inst])
949  ultimately show ?thesis
950    using "≡S"(1) "&I" by blast
951qed
952
953AOT_theorem "p-identity-thm2:3":
954  p = q  x p] = x q]
955proof -
956  AOT_have p = q  p & q & x p] = x q]
957    using "identity:4" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
958  moreover AOT_have p and q
959    by (auto simp: "cqt:2[const_var]"[axiom_inst])
960  ultimately show ?thesis
961    using "≡S"(1) "&I" by blast
962qed
963
964class AOT_Term_id_2 = AOT_Term_id + assumes "id-eq:1": [v  α = α]
965
966instance κ :: AOT_Term_id_2
967proof
968  AOT_modally_strict {
969    fix x
970    {
971      AOT_assume O!x
972      moreover AOT_have F([F]x  [F]x)
973        using RN GEN "oth-class-taut:3:a" by fast
974      ultimately AOT_have O!x & O!x & F([F]x  [F]x) using "&I" by simp
975    }
976    moreover {
977      AOT_assume A!x
978      moreover AOT_have F(x[F]  x[F])
979        using RN GEN "oth-class-taut:3:a" by fast
980      ultimately AOT_have A!x & A!x & F(x[F]  x[F]) using "&I" by simp
981    }
982    ultimately AOT_have (O!x & O!x & F([F]x  [F]x))  (A!x & A!x & F(x[F]  x[F]))
983      using "oa-exist:3" "∨I"(1) "∨I"(2) "∨E"(3) "raa-cor:1" by blast
984    AOT_thus x = x
985      using "identity:1"[THEN "df-rules-formulas[4]"] "→E" by blast
986  }
987qed
988
989instance rel :: ("{AOT_κs,AOT_Term_id_2}") AOT_Term_id_2
990proof
991  AOT_modally_strict {
992    fix F :: "<'a> AOT_var"
993    AOT_have 0: x1...xn [F]x1...xn] = F
994      by (simp add: "lambda-predicates:3"[axiom_inst])
995    AOT_have x1...xn [F]x1...xn]
996      by "cqt:2[lambda]"
997    AOT_hence x1...xn [F]x1...xn] = x1...xn [F]x1...xn]
998      using "lambda-predicates:1"[axiom_inst] "→E" by blast
999    AOT_show F = F using "rule=E" 0 by force 
1000  }
1001qed
1002
1003instance 𝗈 :: AOT_Term_id_2
1004proof
1005  AOT_modally_strict {
1006    fix p
1007    AOT_have 0:  p] = p
1008      by (simp add: "lambda-predicates:3[zero]"[axiom_inst])
1009    AOT_have  p]
1010      by (rule "cqt:2[lambda0]"[axiom_inst])
1011    AOT_hence  p] =  p]
1012      using "lambda-predicates:1[zero]"[axiom_inst] "→E" by blast
1013    AOT_show p = p using "rule=E" 0 by force
1014  }
1015qed
1016
1017instance prod :: (AOT_Term_id_2, AOT_Term_id_2) AOT_Term_id_2
1018proof
1019  AOT_modally_strict {
1020    fix α :: ('a×'b) AOT_var›
1021    AOT_show α = α
1022    proof (induct)
1023      AOT_show τ = τ if τ for τ :: 'a×'b
1024        using that
1025      proof (induct τ)
1026        fix τ1 :: 'a and τ2 :: 'b
1027        AOT_assume «(τ1,τ2)»
1028        AOT_hence τ1 and τ2 using "≡dfE" "&E" tuple_denotes by blast+
1029        AOT_hence τ1 = τ1 and τ2 = τ2 using "id-eq:1"[unvarify α] by blast+
1030        AOT_thus «(τ1, τ2)» = «(τ1, τ2)» by (metis "≡dfI" "&I" tuple_identity_1)
1031      qed
1032    qed
1033  }
1034qed
1035
1036AOT_register_type_constraints
1037  Term: _::AOT_Term_id_2› _::AOT_Term_id_2›
1038AOT_register_type_constraints
1039  Individual: ‹κ› _::{AOT_κs, AOT_Term_id_2}
1040AOT_register_type_constraints
1041  Relation: <_::{AOT_κs, AOT_Term_id_2}>
1042
1043(* TODO: Interestingly, this doesn't depend on "id-eq:1" at all! *)
1044AOT_theorem "id-eq:2": α = β  β = α
1045(*
1046  TODO: look at this proof generated using:
1047        including AOT_no_atp sledgehammer[isar_proofs = true]
1048proof -
1049  have "(∃φ. [v ⊨ ~β = α → ~φ] ∧ [v ⊨ α = β → φ]) ∨ (∃φ. ¬ [v ⊨ φ{α} → φ{β}])"
1050    by meson
1051  then show ?thesis
1052    by (meson "contraposition:2" "Hypothetical Syllogism" "deduction-theorem" l_"identity:1" "useful-tautologies:1")
1053qed
1054*)
1055(*  by (meson "rule=E" "deduction-theorem") *)
1056proof (rule "→I")
1057  AOT_assume α = β
1058  moreover AOT_have β = β using calculation "rule=E"[of _ "λ τ . «τ = β»" "AOT_term_of_var α" "AOT_term_of_var β"] by blast
1059  moreover AOT_have α = α  α = α using "if-p-then-p" by blast
1060  ultimately AOT_show β = α
1061    using "→E" "→I" "rule=E"[of _ "λ τ . «(τ = τ)  (τ = α)»" "AOT_term_of_var α" "AOT_term_of_var β"] by blast
1062qed
1063
1064AOT_theorem "id-eq:3": α = β & β = γ  α = γ
1065  using "rule=E" "→I" "&E" by blast
1066
1067AOT_theorem "id-eq:4": α = β  γ (α = γ  β = γ)
1068proof (rule "≡I"; rule "→I")
1069  AOT_assume 0: α = β
1070  AOT_hence 1: β = α using "id-eq:2" "→E" by blast
1071  AOT_show γ (α = γ  β = γ)
1072    by (rule GEN) (metis "≡I" "→I" 0 "1" "rule=E")
1073next
1074  AOT_assume γ (α = γ  β = γ)
1075  AOT_hence α = α  β = α using "∀E"(2) by blast
1076  AOT_hence α = α  β = α using "≡E"(1) "→I" by blast
1077  AOT_hence β = α using "id-eq:1" "→E" by blast
1078  AOT_thus α = β using "id-eq:2" "→E" by blast
1079qed
1080
1081AOT_theorem "rule=I:1": assumes τ shows τ = τ
1082proof -
1083  AOT_have α (α = α)
1084    by (rule GEN) (metis "id-eq:1")
1085  AOT_thus τ = τ using assms "∀E" by blast
1086qed
1087
1088AOT_theorem "rule=I:2[const_var]": "α = α"
1089  using "id-eq:1".
1090
1091AOT_theorem "rule=I:2[lambda]": assumes INSTANCE_OF_CQT_2(φ) shows "ν1...νn φ{ν1...νn}] = ν1...νn φ{ν1...νn}]"
1092proof -
1093  AOT_have α (α = α)
1094    by (rule GEN) (metis "id-eq:1")
1095  moreover AOT_have ν1...νn φ{ν1...νn}] using assms by (rule "cqt:2[lambda]"[axiom_inst])
1096  ultimately AOT_show ν1...νn φ{ν1...νn}] = ν1...νn φ{ν1...νn}] using assms "∀E" by blast
1097qed
1098
1099lemmas "=I" = "rule=I:1" "rule=I:2[const_var]" "rule=I:2[lambda]"
1100
1101AOT_theorem "rule-id-df:1":
1102  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn}
1103  shows τ{τ1...τn} = σ{τ1...τn}
1104proof -
1105  AOT_have σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}
1106    using "df-rules-terms[3]" assms(1) "&E" by blast
1107  AOT_thus τ{τ1...τn} = σ{τ1...τn}
1108    using assms(2) "→E" by blast
1109qed
1110
1111AOT_theorem "rule-id-df:1[zero]":
1112  assumes τ =df σ and σ
1113  shows τ = σ
1114proof -
1115  AOT_have σ  τ = σ
1116    using "df-rules-terms[4]" assms(1) "&E" by blast
1117  AOT_thus τ = σ
1118    using assms(2) "→E" by blast
1119qed
1120
1121AOT_theorem "rule-id-df:2:a":
1122  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn} and φ{τ{τ1...τn}}
1123  shows φ{σ{τ1...τn}}
1124proof -
1125  AOT_have τ{τ1...τn} = σ{τ1...τn} using "rule-id-df:1" assms(1,2) by blast
1126  AOT_thus φ{σ{τ1...τn}} using assms(3) "rule=E" by blast
1127qed
1128
1129(* TODO: get rid of this, ideally *)
1130AOT_theorem "rule-id-df:2:a[2]":
1131  assumes τ{«(α1,α2)»} =df σ{«(α1,α2)»} and σ{«(τ1,τ2)»} and φ{τ{«(τ1,τ2)»}}
1132  shows φ{σ{«(τ1,τ2)»}}
1133proof -
1134  AOT_have τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1135  proof -
1136    AOT_have σ{«(τ1,τ2)»}  τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1137      using assms by (simp add: AOT_sem_conj AOT_sem_imp AOT_sem_eq AOT_sem_not AOT_sem_denotes AOT_model_id_def) (* NOTE: semantics needed *)
1138    AOT_thus τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1139      using assms(2) "→E" by blast
1140  qed
1141  AOT_thus φ{σ{«(τ1,τ2)»}} using assms(3) "rule=E" by blast
1142qed
1143
1144AOT_theorem "rule-id-df:2:a[zero]":
1145  assumes τ =df σ and σ and φ{τ}
1146  shows φ{σ}
1147proof -
1148  AOT_have τ = σ using "rule-id-df:1[zero]" assms(1,2) by blast
1149  AOT_thus φ{σ} using assms(3) "rule=E" by blast
1150qed
1151
1152lemmas "=dfE" = "rule-id-df:2:a" "rule-id-df:2:a[zero]"
1153
1154AOT_theorem "rule-id-df:2:b":
1155  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn} and φ{σ{τ1...τn}}
1156  shows φ{τ{τ1...τn}}
1157proof -
1158  AOT_have τ{τ1...τn} = σ{τ1...τn} using "rule-id-df:1" assms(1,2) by blast
1159  AOT_hence σ{τ1...τn} = τ{τ1...τn}
1160    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1161  AOT_thus φ{τ{τ1...τn}} using assms(3) "rule=E" by blast
1162qed
1163
1164(* TODO: get rid of this, ideally *)
1165AOT_theorem "rule-id-df:2:b[2]":
1166  assumes τ{«(α1,α2)»} =df σ{«(α1,α2)»} and σ{«(τ1,τ2)»} and φ{σ{«(τ1,τ2)»}}
1167  shows φ{τ{«(τ1,τ2)»}}
1168proof -
1169  AOT_have τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1170  proof -
1171    AOT_have σ{«(τ1,τ2)»}  τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1172      using assms by (simp add: AOT_sem_conj AOT_sem_imp AOT_sem_eq AOT_sem_not AOT_sem_denotes AOT_model_id_def) (* NOTE: semantics needed *)
1173    AOT_thus τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1174      using assms(2) "→E" by blast
1175  qed
1176  AOT_hence σ{«(τ1,τ2)»} = τ{«(τ1,τ2)»}
1177    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1178  AOT_thus φ{τ{«(τ1,τ2)»}} using assms(3) "rule=E" by blast
1179qed
1180
1181AOT_theorem "rule-id-df:2:b[zero]":
1182  assumes τ =df σ and σ and φ{σ}
1183  shows φ{τ}
1184proof -
1185  AOT_have τ = σ using "rule-id-df:1[zero]" assms(1,2) by blast
1186  AOT_hence σ = τ
1187    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1188  AOT_thus φ{τ} using assms(3) "rule=E" by blast
1189qed
1190
1191lemmas "=dfI" = "rule-id-df:2:b" "rule-id-df:2:b[zero]"
1192
1193AOT_theorem "free-thms:1": τ  β (β = τ)
1194  by (metis "∃E" "rule=I:1" "t=t-proper:2" "→I" "∃I"(1) "≡I" "→E")
1195
1196AOT_theorem "free-thms:2": α φ{α}  (β (β = τ)  φ{τ})
1197  by (metis "∃E" "rule=E" "cqt:2[const_var]"[axiom_inst] "→I" "∀E"(1))
1198
1199AOT_theorem "free-thms:3[const_var]": β (β = α)
1200  by (meson "∃I"(2) "id-eq:1")
1201
1202AOT_theorem "free-thms:3[lambda]": assumes INSTANCE_OF_CQT_2(φ) shows β (β = ν1...νn φ{ν1...νn}])
1203  by (meson "=I"(3) assms "cqt:2[lambda]"[axiom_inst] "existential:1")
1204
1205AOT_theorem "free-thms:4[rel]": ([Π]κ1...κn  κ1...κn[Π])  β (β = Π)
1206  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a"[axiom_inst] "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1207
1208(* TODO: this is a rather weird way to formulate this and we don't have tuple-existential-elimination
1209         or tuple-equality-elimination in the theory... Splitting them is also a bit unfortunate, though.*)
1210AOT_theorem "free-thms:4[vars]": ([Π]κ1...κn  κ1...κn[Π])  β1...∃βn (β1...βn = κ1...κn)
1211  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a"[axiom_inst] "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1212
1213AOT_theorem "free-thms:4[1,rel]": ([Π]κ  κ[Π])  β (β = Π)
1214  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a"[axiom_inst] "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1215AOT_theorem "free-thms:4[1,1]": ([Π]κ  κ[Π])  β (β = κ)
1216  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a"[axiom_inst] "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1217
1218AOT_theorem "free-thms:4[2,rel]": ([Π]κ1κ2  κ1κ2[Π])  β (β = Π)
1219  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[2]"[axiom_inst] "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1220AOT_theorem "free-thms:4[2,1]": ([Π]κ1κ2  κ1κ2[Π])  β (β = κ1)
1221  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[2]"[axiom_inst] "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1222AOT_theorem "free-thms:4[2,2]": ([Π]κ1κ2  κ1κ2[Π])  β (β = κ2)
1223  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[2]"[axiom_inst] "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1224AOT_theorem "free-thms:4[3,rel]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = Π)
1225  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[3]"[axiom_inst] "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1226AOT_theorem "free-thms:4[3,1]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ1)
1227  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[3]"[axiom_inst] "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1228AOT_theorem "free-thms:4[3,2]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ2)
1229  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[3]"[axiom_inst] "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1230AOT_theorem "free-thms:4[3,3]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ3)
1231  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[3]"[axiom_inst] "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1232AOT_theorem "free-thms:4[4,rel]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = Π)
1233  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1234AOT_theorem "free-thms:4[4,1]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ1)
1235  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1236AOT_theorem "free-thms:4[4,2]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ2)
1237  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1238AOT_theorem "free-thms:4[4,3]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ3)
1239  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1240AOT_theorem "free-thms:4[4,4]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ4)
1241  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1242
1243AOT_theorem "ex:1:a": α α
1244  by (rule GEN) (fact "cqt:2[const_var]"[axiom_inst])
1245AOT_theorem "ex:1:b": αβ(β = α)
1246  by (rule GEN) (fact "free-thms:3[const_var]")
1247
1248AOT_theorem "ex:2:a": α
1249  by (rule RN) (fact "cqt:2[const_var]"[axiom_inst])
1250AOT_theorem "ex:2:b": β(β = α)
1251  by (rule RN) (fact "free-thms:3[const_var]")
1252
1253AOT_theorem "ex:3:a": α α
1254  by (rule RN) (fact "ex:1:a")
1255AOT_theorem "ex:3:b": αβ(β = α)
1256  by (rule RN) (fact "ex:1:b")
1257
1258AOT_theorem "ex:4:a": α α
1259  by (rule GEN; rule RN) (fact "cqt:2[const_var]"[axiom_inst])
1260AOT_theorem "ex:4:b": αβ(β = α)
1261  by (rule GEN; rule RN) (fact "free-thms:3[const_var]")
1262
1263AOT_theorem "ex:5:a": α α
1264  by (rule RN) (simp add: "ex:4:a")
1265AOT_theorem "ex:5:b": αβ(β = α)
1266  by (rule RN) (simp add: "ex:4:b")
1267
1268AOT_theorem "all-self=:1": α(α = α)
1269  by (rule RN; rule GEN) (fact "id-eq:1")
1270AOT_theorem "all-self=:2": α(α = α)
1271  by (rule GEN; rule RN) (fact "id-eq:1")
1272
1273AOT_theorem "id-nec:1": α = β  (α = β)
1274proof(rule "→I")
1275  AOT_assume α = β
1276  moreover AOT_have (α = α)
1277    by (rule RN) (fact "id-eq:1")
1278  ultimately AOT_show (α = β) using "rule=E" by fast
1279qed
1280
1281AOT_theorem "id-nec:2": τ = σ  (τ = σ)
1282proof(rule "→I")
1283  AOT_assume asm: τ = σ
1284  moreover AOT_have τ
1285    using calculation "t=t-proper:1" "→E" by blast
1286  moreover AOT_have (τ = τ)
1287    using calculation "all-self=:2" "∀E"(1) by blast
1288  ultimately AOT_show (τ = σ) using "rule=E" by fast
1289qed
1290
1291AOT_theorem "term-out:1": φ{α}  β (β = α & φ{β})
1292proof (rule "≡I"; rule "→I")
1293  AOT_assume asm: φ{α}
1294  AOT_show β (β = α & φ{β})
1295    by (rule "∃I"(2)[where β=α]; rule "&I")
1296       (auto simp: "id-eq:1" asm)
1297next
1298  AOT_assume 0: β (β = α & φ{β})
1299  (* TODO: have another look at this instantiation. Ideally AOT_obtain would resolve directly to the existential
1300           statement as proof obligation *)
1301  AOT_obtain β where β = α & φ{β} using "instantiation"[rotated, OF 0] by blast
1302  AOT_thus φ{α} using "&E" "rule=E" by blast
1303qed
1304
1305AOT_theorem "term-out:2": τ  (φ{τ}  α(α = τ & φ{α}))
1306proof(rule "→I")
1307  AOT_assume τ
1308  moreover AOT_have α (φ{α}  β (β = α & φ{β}))
1309    by (rule GEN) (fact "term-out:1")
1310  ultimately AOT_show φ{τ}  α(α = τ & φ{α})
1311    using "∀E" by blast
1312qed
1313
1314(* TODO: example of an apply-style proof. Keep or reformulate? *)
1315AOT_theorem "term-out:3": (φ{α} & β(φ{β}  β = α))  β(φ{β}  β = α)
1316  apply (rule "≡I"; rule "→I")
1317   apply (frule "&E"(1)) apply (drule "&E"(2))
1318   apply (rule GEN; rule "≡I"; rule "→I")
1319  using "rule-ui:2[const_var]" "vdash-properties:5" apply blast
1320  apply (meson "rule=E" "id-eq:1")
1321  apply (rule "&I")
1322  using "id-eq:1" "≡E"(2) "rule-ui:3" apply blast
1323  apply (rule GEN; rule "→I")
1324  using "≡E"(1) "rule-ui:2[const_var]" by blast
1325
1326AOT_theorem "term-out:4": (φ{β} & α(φ{α}  α = β))  α(φ{α}  α = β)
1327  using "term-out:3" . (* TODO: same as above - another instance of the generalized alphabetic variant rule... *)
1328
1329(* TODO: would of course be nice to define it without the syntax magic *)
1330AOT_define AOT_exists_unique :: ‹α  φ  φ›
1331  "uniqueness:1": «AOT_exists_unique φ» df α (φ{α} & β (φ{β}  β = α))
1332syntax "_AOT_exists_unique" :: ‹α  φ  φ› ("∃!_ _" [1,40])
1333AOT_syntax_print_translations
1334  "_AOT_exists_unique τ φ" <= "CONST AOT_exists_unique (_abs τ φ)"
1335syntax
1336   "_AOT_exists_unique_ellipse" :: ‹id_position  id_position  φ  φ› (∃!_...∃!_ _› [1,40])
1337parse_ast_translation[(syntax_const‹_AOT_exists_unique_ellipse›, fn ctx => fn [a,b,c] =>
1338  Ast.mk_appl (Ast.Constant "AOT_exists_unique") [parseEllipseList "_AOT_vars" ctx [a,b],c]),
1339(syntax_const‹_AOT_exists_unique›,AOT_restricted_binder const_name‹AOT_exists_unique› const_syntax‹AOT_conj›)]
1340print_translationAOT_syntax_print_translations
1341  [AOT_preserve_binder_abs_tr' const_syntax‹AOT_exists_unique› syntax_const‹_AOT_exists_unique› (syntax_const‹_AOT_exists_unique_ellipse›, true) const_name‹AOT_conj›,
1342  AOT_binder_trans @{theory} @{binding "AOT_exists_unique_binder"} syntax_const‹_AOT_exists_unique›]
1343
1344
1345
1346context AOT_meta_syntax
1347begin
1348notation AOT_exists_unique (binder "!" 20)
1349end
1350context AOT_no_meta_syntax
1351begin
1352no_notation AOT_exists_unique (binder "!" 20)
1353end
1354
1355AOT_theorem "uniqueness:2": ∃!α φ{α}  αβ(φ{β}  β = α)
1356proof(rule "≡I"; rule "→I")
1357    AOT_assume ∃!α φ{α}
1358    AOT_hence α (φ{α} & β (φ{β}  β = α))
1359      using "uniqueness:1" "≡dfE" by blast
1360    then AOT_obtain α where φ{α} & β (φ{β}  β = α) using "instantiation"[rotated] by blast
1361    AOT_hence β(φ{β}  β = α) using "term-out:3" "≡E" by blast
1362    AOT_thus αβ(φ{β}  β = α)
1363      using "∃I" by fast
1364next
1365    AOT_assume αβ(φ{β}  β = α)
1366    then AOT_obtain α where β (φ{β}  β = α) using "instantiation"[rotated] by blast
1367    AOT_hence φ{α} & β (φ{β}  β = α) using "term-out:3" "≡E" by blast
1368    AOT_hence α (φ{α} & β (φ{β}  β = α))
1369      using "∃I" by fast
1370    AOT_thus ∃!α φ{α}
1371      using "uniqueness:1" "≡dfI" by blast
1372qed
1373
1374AOT_theorem "uni-most": ∃!α φ{α}  βγ((φ{β} & φ{γ})  β = γ)
1375proof(rule "→I"; rule GEN; rule GEN; rule "→I")
1376  fix β γ
1377  AOT_assume ∃!α φ{α}
1378  AOT_hence αβ(φ{β}  β = α)
1379    using "uniqueness:2" "≡E" by blast
1380  then AOT_obtain α where β(φ{β}  β = α)
1381    using "instantiation"[rotated] by blast
1382  moreover AOT_assume φ{β} & φ{γ}
1383  ultimately AOT_have β = α and γ = α
1384    using "∀E"(2) "&E" "≡E"(1,2) by blast+
1385  AOT_thus β = γ
1386    by (metis "rule=E" "id-eq:2" "→E")
1387qed
1388
1389AOT_theorem "nec-exist-!": α(φ{α}  φ{α})  (∃!α φ{α}  ∃!α φ{α})
1390proof (rule "→I"; rule "→I")
1391  AOT_assume a: α(φ{α}  φ{α})
1392  AOT_assume ∃!α φ{α}
1393  AOT_hence α (φ{α} & β (φ{β}  β = α)) using "uniqueness:1" "≡dfE" by blast
1394  then AOT_obtain α where ξ: φ{α} & β (φ{β}  β = α) using "instantiation"[rotated] by blast
1395  AOT_have φ{α}
1396    using ξ a "&E" "∀E" "→E" by fast
1397  moreover AOT_have β (φ{β}  β = α)
1398    apply (rule GEN; rule "→I")
1399    using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "→E"] "qml:2"[axiom_inst, THEN "→E"] by blast
1400  ultimately AOT_have (φ{α} & β (φ{β}  β = α))
1401    using "&I" by blast
1402  AOT_thus ∃!α φ{α}
1403    using "uniqueness:1" "≡dfI" "∃I" by fast
1404qed
1405
1406AOT_theorem "act-cond": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1407  using "→I" "≡E"(1) "logic-actual-nec:2"[axiom_inst] by blast
1408
1409AOT_theorem "nec-imp-act": φ  𝒜φ
1410  by (metis "act-cond" "contraposition:1[2]" "≡E"(4) "qml:2"[THEN act_closure, axiom_inst] "qml-act:2"[axiom_inst] RAA(1) "→E" "→I")
1411
1412AOT_theorem "act-conj-act:1": 𝒜(𝒜φ  φ)
1413  using "→I" "≡E"(2) "logic-actual-nec:2"[axiom_inst] "logic-actual-nec:4"[axiom_inst] by blast
1414
1415AOT_theorem "act-conj-act:2": 𝒜(φ  𝒜φ)
1416  by (metis "→I" "≡E"(2, 4) "logic-actual-nec:2"[axiom_inst] "logic-actual-nec:4"[axiom_inst] RAA(1))
1417
1418AOT_theorem "act-conj-act:3": (𝒜φ & 𝒜ψ)  𝒜(φ & ψ)
1419proof -
1420  AOT_have (φ  (ψ  (φ & ψ)))
1421    by (rule RN) (fact Adjunction)
1422  AOT_hence 𝒜(φ  (ψ  (φ & ψ)))
1423    using "nec-imp-act" "→E" by blast
1424  AOT_hence 𝒜φ  𝒜(ψ  (φ & ψ))
1425    using "act-cond" "→E" by blast
1426  moreover AOT_have 𝒜(ψ  (φ & ψ))  (𝒜ψ  𝒜(φ & ψ))
1427    by (fact "act-cond")
1428  ultimately AOT_have 𝒜φ  (𝒜ψ  𝒜(φ & ψ))
1429    using "→I" "→E" by metis
1430  AOT_thus (𝒜φ & 𝒜ψ)  𝒜(φ & ψ)
1431    by (metis Importation "→E")
1432qed
1433
1434AOT_theorem "act-conj-act:4": 𝒜(𝒜φ  φ)
1435proof -
1436  AOT_have (𝒜(𝒜φ  φ) & 𝒜(φ  𝒜φ))  𝒜((𝒜φ  φ) & (φ  𝒜φ))
1437    by (fact "act-conj-act:3")
1438  moreover AOT_have 𝒜(𝒜φ  φ) & 𝒜(φ  𝒜φ)
1439    using "&I" "act-conj-act:1" "act-conj-act:2" by simp
1440  ultimately AOT_have ζ: 𝒜((𝒜φ  φ) & (φ  𝒜φ))
1441    using "→E" by blast
1442  AOT_have 𝒜(((𝒜φ  φ) & (φ  𝒜φ))  (𝒜φ  φ))
1443    using "conventions:3"[THEN "df-rules-formulas[2]", THEN act_closure, axiom_inst] by blast
1444  AOT_hence 𝒜((𝒜φ  φ) & (φ  𝒜φ))  𝒜(𝒜φ  φ)
1445    using "act-cond" "→E" by blast
1446  AOT_thus 𝒜(𝒜φ  φ) using ζ "→E" by blast
1447qed
1448
1449(* TODO: consider introducing AOT_inductive *)
1450inductive arbitrary_actualization for φ where
1451  arbitrary_actualization φ «𝒜φ»
1452| arbitrary_actualization φ «𝒜ψ» if arbitrary_actualization φ ψ
1453declare arbitrary_actualization.cases[AOT] arbitrary_actualization.induct[AOT]
1454        arbitrary_actualization.simps[AOT] arbitrary_actualization.intros[AOT]
1455syntax arbitrary_actualization :: ‹φ'  φ'  AOT_prop› ("ARBITRARY'_ACTUALIZATION'(_,_')")
1456
1457notepad
1458begin
1459  AOT_modally_strict {
1460    fix φ
1461    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜(𝒜φ  φ))
1462      using AOT_PLM.arbitrary_actualization.intros by metis
1463    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜𝒜(𝒜φ  φ))
1464      using AOT_PLM.arbitrary_actualization.intros by metis
1465    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜𝒜𝒜(𝒜φ  φ))
1466      using AOT_PLM.arbitrary_actualization.intros by metis
1467  }
1468end
1469
1470
1471AOT_theorem "closure-act:1": assumes ARBITRARY_ACTUALIZATION(𝒜φ  φ, ψ) shows ψ
1472using assms proof(induct)
1473  case 1
1474  AOT_show 𝒜(𝒜φ  φ)
1475    by (simp add: "act-conj-act:4")
1476next
1477  case (2 ψ)
1478  AOT_thus 𝒜ψ
1479    by (metis arbitrary_actualization.simps "≡E"(1) "logic-actual-nec:4"[axiom_inst])
1480qed
1481
1482AOT_theorem "closure-act:2": α 𝒜(𝒜φ{α}  φ{α})
1483  by (simp add: "act-conj-act:4" "∀I")
1484
1485AOT_theorem "closure-act:3": 𝒜α 𝒜(𝒜φ{α}  φ{α})
1486  by (metis (no_types, lifting) "act-conj-act:4" "≡E"(1,2) "logic-actual-nec:3"[axiom_inst] "logic-actual-nec:4"[axiom_inst] "∀I")
1487
1488AOT_theorem "closure-act:4": 𝒜α1...∀αn 𝒜(𝒜φ{α1...αn}  φ{α1...αn})
1489  using "closure-act:3" .
1490
1491(* TODO: examine these proofs *)
1492AOT_theorem "RA[1]": assumes  φ shows  𝒜φ
1493  (* This proof is the one rejected in remark (136) (meta-rule) *)
1494  using "¬¬E" assms "≡E"(3) "logic-actual"[act_axiom_inst] "logic-actual-nec:1"[axiom_inst] "modus-tollens:2" by blast
1495AOT_theorem "RA[2]": assumes  φ shows 𝒜φ
1496  (* This is actually Γ ⊢ φ ⟹ □Γ ⊢ 𝒜φ*)
1497  using RN assms "nec-imp-act" "vdash-properties:5" by blast
1498AOT_theorem "RA[3]": assumes Γ  φ shows 𝒜Γ  𝒜φ
1499  using assms by (meson AOT_sem_act imageI)
1500  (* This is not exactly right either. *)
1501
1502AOT_act_theorem "ANeg:1": ¬𝒜φ  ¬φ
1503  by (simp add: "RA[1]" "contraposition:1[1]" "deduction-theorem" "≡I" "logic-actual"[act_axiom_inst])
1504
1505AOT_act_theorem "ANeg:2": ¬𝒜¬φ  φ
1506  using "ANeg:1" "≡I" "≡E"(5) "useful-tautologies:1" "useful-tautologies:2" by blast
1507
1508AOT_theorem "Act-Basic:1": 𝒜φ  𝒜¬φ
1509  by (meson "∨I"(1,2) "≡E"(2) "logic-actual-nec:1"[axiom_inst] "raa-cor:1")
1510
1511AOT_theorem "Act-Basic:2": 𝒜(φ & ψ)  (𝒜φ & 𝒜ψ)
1512proof (rule "≡I"; rule "→I")
1513  AOT_assume 𝒜(φ & ψ)
1514  moreover AOT_have 𝒜((φ & ψ)  φ)
1515    by (simp add: "RA[2]" "Conjunction Simplification"(1))
1516  moreover AOT_have 𝒜((φ & ψ)  ψ)
1517    by (simp add: "RA[2]" "Conjunction Simplification"(2))
1518  ultimately AOT_show 𝒜φ & 𝒜ψ
1519    using "act-cond"[THEN "→E", THEN "→E"] "&I" by metis
1520next
1521  AOT_assume 𝒜φ & 𝒜ψ
1522  AOT_thus 𝒜(φ & ψ)
1523    using "act-conj-act:3" "vdash-properties:6" by blast
1524qed
1525
1526AOT_theorem "Act-Basic:3": 𝒜(φ  ψ)  (𝒜(φ  ψ) & 𝒜(ψ  φ))
1527proof (rule "≡I"; rule "→I")
1528  AOT_assume 𝒜(φ  ψ)
1529  moreover AOT_have 𝒜((φ  ψ)  (φ  ψ))
1530    by (simp add: "RA[2]" "deduction-theorem" "≡E"(1))
1531  moreover AOT_have 𝒜((φ  ψ)  (ψ  φ))
1532    by (simp add: "RA[2]" "deduction-theorem" "≡E"(2))
1533  ultimately AOT_show 𝒜(φ  ψ) & 𝒜(ψ  φ)
1534    using "act-cond"[THEN "→E", THEN "→E"] "&I" by metis
1535next
1536  AOT_assume 𝒜(φ  ψ) & 𝒜(ψ  φ)
1537  AOT_hence 𝒜((φ  ψ) & (ψ  φ))
1538    by (metis "act-conj-act:3" "vdash-properties:10")
1539  moreover AOT_have 𝒜(((φ  ψ) & (ψ  φ))  (φ  ψ))
1540    by (simp add: "conventions:3" "RA[2]" "df-rules-formulas[2]" "vdash-properties:1[2]")
1541  ultimately AOT_show 𝒜(φ  ψ)
1542    using "act-cond"[THEN "→E", THEN "→E"] by metis
1543qed
1544
1545AOT_theorem "Act-Basic:4": (𝒜(φ  ψ) & 𝒜(ψ  φ))  (𝒜φ  𝒜ψ)
1546proof (rule "≡I"; rule "→I")
1547  AOT_assume 0: 𝒜(φ  ψ) & 𝒜(ψ  φ)
1548  AOT_show 𝒜φ  𝒜ψ
1549    using 0 "&E" "act-cond"[THEN "→E", THEN "→E"] "≡I" "→I" by metis
1550next
1551  AOT_assume 𝒜φ  𝒜ψ
1552  AOT_thus 𝒜(φ  ψ) & 𝒜(ψ  φ)
1553    by (metis "→I" "logic-actual-nec:2"[axiom_inst] "≡E"(1,2) "&I")
1554qed
1555
1556AOT_theorem "Act-Basic:5": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1557  using "Act-Basic:3" "Act-Basic:4" "≡E"(5) by blast
1558
1559AOT_theorem "Act-Basic:6": 𝒜φ  𝒜φ
1560  by (simp add: "≡I" "qml:2"[axiom_inst] "qml-act:1"[axiom_inst])
1561
1562AOT_theorem "Act-Basic:7": 𝒜φ  𝒜φ
1563  by (metis "Act-Basic:6" "→I" "→E" "≡E"(1,2) "nec-imp-act" "qml-act:2"[axiom_inst])
1564
1565AOT_theorem "Act-Basic:8": φ  𝒜φ
1566  using "Hypothetical Syllogism" "nec-imp-act" "qml-act:1"[axiom_inst] by blast
1567
1568AOT_theorem "Act-Basic:9": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1569proof (rule "≡I"; rule "→I")
1570  AOT_assume 𝒜(φ  ψ)
1571  AOT_thus 𝒜φ  𝒜ψ
1572  proof (rule "raa-cor:3")
1573    AOT_assume ¬(𝒜φ  𝒜ψ)
1574    AOT_hence ¬𝒜φ & ¬𝒜ψ
1575      by (metis "≡E"(1) "oth-class-taut:5:d")
1576    AOT_hence 𝒜¬φ & 𝒜¬ψ
1577      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] "&E" "&I" by metis
1578    AOT_hence 𝒜(¬φ & ¬ψ)
1579      using "≡E" "Act-Basic:2" by metis
1580    moreover AOT_have 𝒜((¬φ & ¬ψ)  ¬(φ  ψ))
1581      using "RA[2]" "≡E"(6) "oth-class-taut:3:a" "oth-class-taut:5:d" by blast
1582    moreover AOT_have 𝒜(¬φ & ¬ψ)  𝒜(¬(φ  ψ))
1583      using calculation(2) by (metis "Act-Basic:5" "≡E"(1))
1584    ultimately AOT_have 𝒜(¬(φ  ψ)) using "≡E" by blast
1585    AOT_thus ¬𝒜(φ  ψ)
1586      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(1)] by auto
1587  qed
1588next
1589  AOT_assume 𝒜φ  𝒜ψ
1590  AOT_thus 𝒜(φ  ψ)
1591    by (meson "RA[2]" "act-cond" "∨I"(1) "∨E"(1) "Disjunction Addition"(1) "Disjunction Addition"(2))
1592qed
1593
1594AOT_theorem "Act-Basic:10": 𝒜α φ{α}  α 𝒜φ{α}
1595proof -
1596  AOT_have θ: ¬𝒜α ¬φ{α}  ¬α 𝒜¬φ{α}
1597    by (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
1598       (metis "logic-actual-nec:3"[axiom_inst])
1599  AOT_have ξ: ¬α 𝒜¬φ{α}  ¬α ¬𝒜φ{α}
1600    by (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
1601       (rule "logic-actual-nec:1"[THEN universal_closure, axiom_inst, THEN "cqt-basic:3"[THEN "→E"]])
1602  AOT_have 𝒜(α φ{α})  𝒜(¬α ¬φ{α})
1603    using "conventions:4"[THEN "df-rules-formulas[1]", THEN act_closure, axiom_inst]
1604          "conventions:4"[THEN "df-rules-formulas[2]", THEN act_closure, axiom_inst]
1605    "Act-Basic:4"[THEN "≡E"(1)] "&I" "Act-Basic:5"[THEN "≡E"(2)] by metis
1606  also AOT_have   ¬𝒜α ¬φ{α}
1607    by (simp add: "logic-actual-nec:1" "vdash-properties:1[2]")
1608  also AOT_have   ¬α 𝒜 ¬φ{α} using θ by blast
1609  also AOT_have   ¬α ¬𝒜 φ{α} using ξ by blast
1610  also AOT_have   α 𝒜 φ{α}
1611    using "conventions:4"[THEN "≡Df"] by (metis "≡E"(6) "oth-class-taut:3:a")
1612  finally AOT_show 𝒜α φ{α}  α 𝒜φ{α} .
1613qed
1614
1615
1616AOT_theorem "Act-Basic:11": 𝒜α(φ{α}  ψ{α})  α(𝒜φ{α}  𝒜ψ{α})
1617proof(rule "≡I"; rule "→I")
1618  AOT_assume 𝒜α(φ{α}  ψ{α})
1619  AOT_hence α𝒜(φ{α}  ψ{α})
1620    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(1)] by blast
1621  AOT_hence 𝒜(φ{α}  ψ{α}) for α using "∀E" by blast
1622  AOT_hence 𝒜φ{α}  𝒜ψ{α} for α by (metis "Act-Basic:5" "≡E"(1))
1623  AOT_thus α(𝒜φ{α}  𝒜ψ{α}) by (rule "∀I")
1624next
1625  AOT_assume α(𝒜φ{α}  𝒜ψ{α})
1626  AOT_hence 𝒜φ{α}  𝒜ψ{α} for α using "∀E" by blast
1627  AOT_hence 𝒜(φ{α}  ψ{α}) for α by (metis "Act-Basic:5" "≡E"(2))
1628  AOT_hence α 𝒜(φ{α}  ψ{α}) by (rule "∀I")
1629  AOT_thus 𝒜α(φ{α}  ψ{α})
1630    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)] by fast
1631qed
1632
1633AOT_act_theorem "act-quant-uniq": β(𝒜φ{β}  β = α)  β(φ{β}  β = α)
1634proof(rule "≡I"; rule "→I")
1635  AOT_assume β(𝒜φ{β}  β = α)
1636  AOT_hence 𝒜φ{β}  β = α for β using "∀E" by blast
1637  AOT_hence φ{β}  β = α for β
1638    using "≡I" "→I" "RA[1]" "≡E"(1) "≡E"(2) "logic-actual"[act_axiom_inst] "vdash-properties:6"
1639    by metis
1640  AOT_thus β(φ{β}  β = α) by (rule "∀I")
1641next
1642  AOT_assume β(φ{β}  β = α)
1643  AOT_hence φ{β}  β = α for β using "∀E" by blast
1644  AOT_hence 𝒜φ{β}  β = α for β
1645    using "≡I" "→I" "RA[1]" "≡E"(1) "≡E"(2) "logic-actual"[act_axiom_inst] "vdash-properties:6"
1646    by metis
1647  AOT_thus β(𝒜φ{β}  β = α) by (rule "∀I")
1648qed
1649
1650AOT_act_theorem "fund-cont-desc": x = ιx(φ{x})  z(φ{z}  z = x)
1651  using descriptions[axiom_inst] "act-quant-uniq" "≡E"(5) by fast
1652
1653AOT_act_theorem hintikka: x = ιx(φ{x})  (φ{x} & z (φ{z}  z = x))
1654  using "Commutativity of ≡"[THEN "≡E"(1)] "term-out:3" "fund-cont-desc" "≡E"(5) by blast
1655
1656
1657locale russel_axiom =
1658  fixes ψ
1659  assumes ψ_denotes_asm: "[v  ψ{κ}]  [v  κ]"
1660begin
1661AOT_act_theorem "russell-axiom": ψ{ιx φ{x}}  x(φ{x} & z(φ{z}  z = x) & ψ{x})
1662proof -
1663  AOT_have b: x (x = ιx φ{x}  (φ{x} & z(φ{z}  z = x)))
1664    using hintikka "∀I" by fast
1665  show ?thesis
1666  proof(rule "≡I"; rule "→I")
1667    AOT_assume c: ψ{ιx φ{x}}
1668    AOT_hence d: ιx φ{x} using ψ_denotes_asm by blast
1669    AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1670    then AOT_obtain a where a_def: a = ιx φ{x} using "instantiation"[rotated] by blast
1671    moreover AOT_have a = ιx φ{x}  (φ{a} & z(φ{z}  z = a)) using b "∀E" by blast
1672    ultimately AOT_have φ{a} & z(φ{z}  z = a) using "≡E" by blast
1673    moreover AOT_have ψ{a}
1674    proof - 
1675      AOT_have 1: xy(x = y  y = x)
1676        by (simp add: "id-eq:2" "universal-cor")
1677      AOT_have a = ιx φ{x}   ιx φ{x} = a
1678        by (rule "∀E"(1)[where τ="«ιx φ{x}»"]; rule "∀E"(2)[where β=a])
1679           (auto simp: 1 d "universal-cor")
1680      AOT_thus ψ{a}
1681        using a_def c "rule=E" "→E" by blast
1682    qed
1683    ultimately AOT_have φ{a} & z(φ{z}  z = a) & ψ{a} by (rule "&I")
1684    AOT_thus x(φ{x} & z(φ{z}  z = x) & ψ{x}) by (rule "∃I")
1685  next
1686    AOT_assume x(φ{x} & z(φ{z}  z = x) & ψ{x})
1687    then AOT_obtain b where g: φ{b} & z(φ{z}  z = b) & ψ{b} using "instantiation"[rotated] by blast
1688    AOT_hence h: b = ιx φ{x}  (φ{b} & z(φ{z}  z = b)) using b "∀E" by blast
1689    AOT_have φ{b} & z(φ{z}  z = b) and j: ψ{b} using g "&E" by blast+
1690    AOT_hence b = ιx φ{x} using h "≡E" by blast
1691    AOT_thus ψ{ιx φ{x}} using j "rule=E" by blast
1692  qed
1693qed
1694end
1695
1696(* TODO: this nicely shows off using locales with the embedding, but maybe there is still a nicer way *)
1697(* TODO: sledgehammer tends to refer to ψ_denotes_asm in these instantiation instead of referring
1698         to cqt:5:a - should be fixed *)
1699interpretation "russell-axiom[exe,1]": russel_axiom λ κ . «[Π]κ»
1700  by standard (metis "cqt:5:a[1]"[axiom_inst, THEN "→E"] "&E"(2))
1701interpretation "russell-axiom[exe,2,1,1]": russel_axiom λ κ . «[Π]κκ'»
1702  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E")
1703interpretation "russell-axiom[exe,2,1,2]": russel_axiom λ κ . «[Π]κ'κ»
1704  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E"(2))
1705interpretation "russell-axiom[exe,2,2]": russel_axiom λ κ . «[Π]κκ»
1706  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E"(2))
1707interpretation "russell-axiom[exe,3,1,1]": russel_axiom λ κ . «[Π]κκ'κ''»
1708  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
1709interpretation "russell-axiom[exe,3,1,2]": russel_axiom λ κ . «[Π]κ'κκ''»
1710  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
1711interpretation "russell-axiom[exe,3,1,3]": russel_axiom λ κ . «[Π]κ'κ''κ»
1712  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
1713interpretation "russell-axiom[exe,3,2,1]": russel_axiom λ κ . «[Π]κκκ'»
1714  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
1715interpretation "russell-axiom[exe,3,2,2]": russel_axiom λ κ . «[Π]κκ'κ»
1716  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
1717interpretation "russell-axiom[exe,3,2,3]": russel_axiom λ κ . «[Π]κ'κκ»
1718  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
1719interpretation "russell-axiom[exe,3,3]": russel_axiom λ κ . «[Π]κκκ»
1720  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
1721
1722interpretation "russell-axiom[enc,1]": russel_axiom λ κ . «κ[Π]»
1723  by standard (metis "cqt:5:b[1]"[axiom_inst, THEN "→E"] "&E"(2))
1724interpretation "russell-axiom[enc,2,1]": russel_axiom λ κ . «κκ'[Π]»
1725  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E")
1726interpretation "russell-axiom[enc,2,2]": russel_axiom λ κ . «κ'κ[Π]»
1727  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E"(2))
1728interpretation "russell-axiom[enc,2,3]": russel_axiom λ κ . «κκ[Π]»
1729  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E"(2))
1730interpretation "russell-axiom[enc,3,1,1]": russel_axiom λ κ . «κκ'κ''[Π]»
1731  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
1732interpretation "russell-axiom[enc,3,1,2]": russel_axiom λ κ . «κ'κκ''[Π]»
1733  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
1734interpretation "russell-axiom[enc,3,1,3]": russel_axiom λ κ . «κ'κ''κ[Π]»
1735  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
1736interpretation "russell-axiom[enc,3,2,1]": russel_axiom λ κ . «κκκ'[Π]»
1737  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
1738interpretation "russell-axiom[enc,3,2,2]": russel_axiom λ κ . «κκ'κ[Π]»
1739  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
1740interpretation "russell-axiom[enc,3,2,3]": russel_axiom λ κ . «κ'κκ[Π]»
1741  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
1742interpretation "russell-axiom[enc,3,3]": russel_axiom λ κ . «κκκ[Π]»
1743  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
1744
1745AOT_act_theorem "1-exists:1": ιx φ{x}  ∃!x φ{x}
1746proof(rule "≡I"; rule "→I")
1747  AOT_assume ιx φ{x}
1748  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1749  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1750  AOT_hence φ{a} & z (φ{z}  z = a) using hintikka "≡E" by blast
1751  AOT_hence x (φ{x} & z (φ{z}  z = x)) by (rule "∃I")
1752  AOT_thus ∃!x φ{x} using "uniqueness:1"[THEN "≡dfI"] by blast
1753next
1754  AOT_assume ∃!x φ{x}
1755  AOT_hence x (φ{x} & z (φ{z}  z = x))
1756    using "uniqueness:1"[THEN "≡dfE"] by blast
1757  then AOT_obtain b where φ{b} & z (φ{z}  z = b) using "instantiation"[rotated] by blast
1758  AOT_hence b = ιx φ{x} using hintikka "≡E" by blast
1759  AOT_thus ιx φ{x} by (metis "t=t-proper:2" "vdash-properties:6")
1760qed
1761
1762AOT_act_theorem "1-exists:2": y(y=ιx φ{x})  ∃!x φ{x}
1763  using "1-exists:1" "free-thms:1" "≡E"(6) by blast
1764
1765AOT_act_theorem "y-in:1": x = ιx φ{x}  φ{x}
1766  using "&E"(1) "→I" hintikka "≡E"(1) by blast
1767
1768AOT_act_theorem "y-in:2": z = ιx φ{x}  φ{z} using "y-in:1". (* TODO: same as above *)
1769
1770AOT_act_theorem "y-in:3": ιx φ{x}  φ{ιx φ{x}}
1771proof(rule "→I")
1772  AOT_assume ιx φ{x}
1773  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1774  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1775  moreover AOT_have φ{a} using calculation hintikka "≡E"(1) "&E" by blast
1776  ultimately AOT_show φ{ιx φ{x}} using "rule=E" by blast
1777qed
1778
1779AOT_act_theorem "y-in:4": y (y = ιx φ{x})  φ{ιx φ{x}}
1780  using "y-in:3"[THEN "→E"] "free-thms:1"[THEN "≡E"(2)] "→I" by blast
1781
1782
1783AOT_theorem "act-quant-nec": β (𝒜φ{β}  β = α)  β(𝒜𝒜φ{β}  β = α)
1784proof(rule "≡I"; rule "→I")
1785  AOT_assume β (𝒜φ{β}  β = α)
1786  AOT_hence 𝒜φ{β}  β = α for β using "∀E" by blast
1787  AOT_hence 𝒜𝒜φ{β}  β = α for β 
1788    by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(5))
1789  AOT_thus β(𝒜𝒜φ{β}  β = α)
1790    by (rule "∀I")
1791next
1792  AOT_assume β(𝒜𝒜φ{β}  β = α)
1793  AOT_hence 𝒜𝒜φ{β}  β = α for β using "∀E" by blast
1794  AOT_hence 𝒜φ{β}  β = α for β
1795    by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(6))
1796  AOT_thus β (𝒜φ{β}  β = α)
1797    by (rule "∀I")
1798qed
1799
1800AOT_theorem "equi-desc-descA:1": x = ιx φ{x}  x = ιx(𝒜φ{x})
1801proof -
1802  AOT_have x = ιx φ{x}  z (𝒜φ{z}  z = x)  using descriptions[axiom_inst] by blast
1803  also AOT_have ...  z (𝒜𝒜φ{z}  z = x)
1804  proof(rule "≡I"; rule "→I"; rule "∀I")
1805    AOT_assume z (𝒜φ{z}  z = x)
1806    AOT_hence 𝒜φ{a}  a = x for a using "∀E" by blast
1807    AOT_thus 𝒜𝒜φ{a}  a = x for a by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(5))
1808  next
1809    AOT_assume z (𝒜𝒜φ{z}  z = x)
1810    AOT_hence 𝒜𝒜φ{a}  a = x for a using "∀E" by blast
1811    AOT_thus 𝒜φ{a}  a = x for a  by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(6))
1812  qed
1813  also AOT_have ...  x = ιx(𝒜φ{x})
1814    using "Commutativity of ≡"[THEN "≡E"(1)] descriptions[axiom_inst] by fast
1815  finally show ?thesis .
1816qed
1817
1818AOT_theorem "equi-desc-descA:2": ιx φ{x}  ιx φ{x} = ιx(𝒜φ{x})
1819proof(rule "→I")
1820  AOT_assume ιx φ{x}
1821  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1822  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1823  moreover AOT_have a = ιx(𝒜φ{x}) using calculation "equi-desc-descA:1"[THEN "≡E"(1)] by blast
1824  ultimately AOT_show ιx φ{x} = ιx(𝒜φ{x}) using "rule=E" by fast
1825qed
1826
1827AOT_theorem "nec-hintikka-scheme": x = ιx φ{x}  𝒜φ{x} & z(𝒜φ{z}  z = x)
1828proof -
1829  AOT_have x = ιx φ{x}  z(𝒜φ{z}  z = x) using descriptions[axiom_inst] by blast
1830  also AOT_have   (𝒜φ{x} & z(𝒜φ{z}  z = x))
1831    using "Commutativity of ≡"[THEN "≡E"(1)] "term-out:3" by fast
1832  finally show ?thesis.
1833qed
1834
1835AOT_theorem "equiv-desc-eq:1": 𝒜x(φ{x}  ψ{x})  x (x = ιx φ{x}  x = ιx ψ{x})
1836proof(rule "→I"; rule "∀I")
1837  fix β
1838  AOT_assume 𝒜x(φ{x}  ψ{x})
1839  AOT_hence 𝒜(φ{x}  ψ{x}) for x using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(1)] "∀E"(2) by blast
1840  AOT_hence 0: 𝒜φ{x}  𝒜ψ{x} for x by (metis "Act-Basic:5" "≡E"(1))
1841  AOT_have β = ιx φ{x}  𝒜φ{β} & z(𝒜φ{z}  z = β) using "nec-hintikka-scheme" by blast
1842  also AOT_have ...  𝒜ψ{β} & z(𝒜ψ{z}  z = β)
1843  proof (rule "≡I"; rule "→I")
1844    AOT_assume 1: 𝒜φ{β} & z(𝒜φ{z}  z = β)
1845    AOT_hence 𝒜φ{z}  z = β for z using "&E" "∀E" by blast
1846    AOT_hence 𝒜ψ{z}  z = β for z using 0 "≡E" "→I" "→E" by metis
1847    AOT_hence z(𝒜ψ{z}  z = β) using "∀I" by fast
1848    moreover AOT_have 𝒜ψ{β} using "&E" 0[THEN "≡E"(1)] 1 by blast
1849    ultimately AOT_show 𝒜ψ{β} & z(𝒜ψ{z}  z = β) using "&I" by blast
1850  next
1851    AOT_assume 1: 𝒜ψ{β} & z(𝒜ψ{z}  z = β)
1852    AOT_hence 𝒜ψ{z}  z = β for z using "&E" "∀E" by blast
1853    AOT_hence 𝒜φ{z}  z = β for z using 0 "≡E" "→I" "→E" by metis
1854    AOT_hence z(𝒜φ{z}  z = β) using "∀I" by fast
1855    moreover AOT_have 𝒜φ{β} using "&E" 0[THEN "≡E"(2)] 1 by blast
1856    ultimately AOT_show 𝒜φ{β} & z(𝒜φ{z}  z = β) using "&I" by blast
1857  qed
1858  also AOT_have ...  β = ιx ψ{x}
1859    using "Commutativity of ≡"[THEN "≡E"(1)] "nec-hintikka-scheme" by blast
1860  finally AOT_show β = ιx φ{x}  β = ιx ψ{x} .
1861qed
1862
1863AOT_theorem "equiv-desc-eq:2": ιx φ{x} & 𝒜x(φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
1864proof(rule "→I")
1865  AOT_assume ιx φ{x} & 𝒜x(φ{x}  ψ{x})
1866  AOT_hence 0: y (y = ιx φ{x}) and
1867            1: x (x = ιx φ{x}  x = ιx ψ{x})
1868    using "&E" "free-thms:1"[THEN "≡E"(1)] "equiv-desc-eq:1" "→E" by blast+
1869  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1870  moreover AOT_have a = ιx ψ{x} using calculation 1 "∀E" "≡E"(1) by fast
1871  ultimately AOT_show ιx φ{x} = ιx ψ{x}
1872    using "rule=E" by fast
1873qed
1874
1875AOT_theorem "equiv-desc-eq:3": ιx φ{x} & x(φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
1876  using "→I" "equiv-desc-eq:2"[THEN "→E", OF "&I"] "&E" "nec-imp-act"[THEN "→E"] by metis
1877
1878(* Note: this is a special case of "exist-nec" *)
1879AOT_theorem "equiv-desc-eq:4": ιx φ{x}  ιx φ{x}
1880proof(rule "→I")
1881  AOT_assume ιx φ{x}
1882  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1883  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1884  AOT_thus ιx φ{x}
1885    using "ex:2:a" "rule=E" by fast
1886qed
1887
1888AOT_theorem "equiv-desc-eq:5": ιx φ{x}  y (y = ιx φ{x})
1889proof(rule "→I")
1890  AOT_assume ιx φ{x}
1891  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1892  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1893  AOT_hence (a = ιx φ{x}) by (metis "id-nec:2" "vdash-properties:10")
1894  AOT_thus y (y = ιx φ{x}) by (rule "∃I")
1895qed
1896
1897AOT_act_theorem "equiv-desc-eq2:1": x (φ{x}  ψ{x})  x (x = ιx φ{x}  x = ιx ψ{x})
1898  using "→I" "logic-actual"[act_axiom_inst, THEN "→E"] "equiv-desc-eq:1"[THEN "→E"]
1899        "RA[1]" "deduction-theorem" by blast
1900
1901AOT_act_theorem "equiv-desc-eq2:2": ιx φ{x} & x (φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
1902  using "→I" "logic-actual"[act_axiom_inst, THEN "→E"] "equiv-desc-eq:2"[THEN "→E", OF "&I"]
1903        "RA[1]" "deduction-theorem" "&E" by metis
1904
1905context russel_axiom
1906begin
1907AOT_theorem "nec-russell-axiom": ψ{ιx φ{x}}  x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
1908proof -
1909  AOT_have b: x (x = ιx φ{x}  (𝒜φ{x} & z(𝒜φ{z}  z = x)))
1910    using "nec-hintikka-scheme" "∀I" by fast
1911  show ?thesis
1912  proof(rule "≡I"; rule "→I")
1913    AOT_assume c: ψ{ιx φ{x}}
1914    AOT_hence d: ιx φ{x} using ψ_denotes_asm by blast
1915    AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1916    then AOT_obtain a where a_def: a = ιx φ{x} using "instantiation"[rotated] by blast
1917    moreover AOT_have a = ιx φ{x}  (𝒜φ{a} & z(𝒜φ{z}  z = a)) using b "∀E" by blast
1918    ultimately AOT_have 𝒜φ{a} & z(𝒜φ{z}  z = a) using "≡E" by blast
1919    moreover AOT_have ψ{a}
1920    proof - 
1921      AOT_have 1: xy(x = y  y = x)
1922        by (simp add: "id-eq:2" "universal-cor")
1923      AOT_have a = ιx φ{x}   ιx φ{x} = a
1924        by (rule "∀E"(1)[where τ="«ιx φ{x}»"]; rule "∀E"(2)[where β=a])
1925           (auto simp: d "universal-cor" 1)
1926      AOT_thus ψ{a}
1927        using a_def c "rule=E" "→E" by metis
1928    qed
1929    ultimately AOT_have 𝒜φ{a} & z(𝒜φ{z}  z = a) & ψ{a} by (rule "&I")
1930    AOT_thus x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x}) by (rule "∃I")
1931  next
1932    AOT_assume x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
1933    then AOT_obtain b where g: 𝒜φ{b} & z(𝒜φ{z}  z = b) & ψ{b} using "instantiation"[rotated] by blast
1934    AOT_hence h: b = ιx φ{x}  (𝒜φ{b} & z(𝒜φ{z}  z = b)) using b "∀E" by blast
1935    AOT_have 𝒜φ{b} & z(𝒜φ{z}  z = b) and j: ψ{b} using g "&E" by blast+
1936    AOT_hence b = ιx φ{x} using h "≡E" by blast
1937    AOT_thus ψ{ιx φ{x}} using j "rule=E" by blast
1938  qed
1939qed
1940end
1941
1942AOT_theorem "actual-desc:1": ιx φ{x}  ∃!x 𝒜φ{x}
1943proof (rule "≡I"; rule "→I")
1944  AOT_assume ιx φ{x}
1945  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1946  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1947  moreover AOT_have a = ιx φ{x}  z(𝒜φ{z}  z = a)
1948    using descriptions[axiom_inst] by blast
1949  ultimately AOT_have z(𝒜φ{z}  z = a)
1950    using "≡E" by blast
1951  AOT_hence xz(𝒜φ{z}  z = x) by (rule "∃I")
1952  AOT_thus ∃!x 𝒜φ{x}
1953    using "uniqueness:2"[THEN "≡E"(2)] by fast
1954next
1955  AOT_assume ∃!x 𝒜φ{x}
1956  AOT_hence xz(𝒜φ{z}  z = x)
1957    using "uniqueness:2"[THEN "≡E"(1)] by fast
1958  then AOT_obtain a where z(𝒜φ{z}  z = a) using "instantiation"[rotated] by blast
1959  moreover AOT_have a = ιx φ{x}  z(𝒜φ{z}  z = a)
1960    using descriptions[axiom_inst] by blast
1961  ultimately AOT_have a = ιx φ{x} using "≡E" by blast
1962  AOT_thus ιx φ{x} by (metis "t=t-proper:2" "vdash-properties:6")
1963qed
1964
1965AOT_theorem "actual-desc:2": x = ιx φ{x}  𝒜φ{x}
1966  using "&E"(1) "contraposition:1[2]" "≡E"(1) "nec-hintikka-scheme" "reductio-aa:2" "vdash-properties:9" by blast
1967
1968AOT_theorem "actual-desc:3": z = ιx φ{x}  𝒜φ{z}
1969  using "actual-desc:2". (* TODO: same as above *)
1970
1971AOT_theorem "actual-desc:4": ιx φ{x}  𝒜φ{ιx φ{x}}
1972proof(rule "→I")
1973  AOT_assume ιx φ{x}
1974  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1975  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1976  AOT_thus 𝒜φ{ιx φ{x}}
1977    using "actual-desc:2" "rule=E" "→E" by fast
1978qed
1979
1980(* TODO: take another look at proof in PLM *)
1981AOT_theorem "actual-desc:5": ιx φ{x} = ιx ψ{x}  𝒜x(φ{x}  ψ{x})
1982proof(rule "→I")
1983  AOT_assume 0: ιx φ{x} = ιx ψ{x}
1984  AOT_hence φ_down: ιx φ{x} and ψ_down: ιx ψ{x}
1985    using "t=t-proper:1" "t=t-proper:2" "vdash-properties:6" by blast+
1986  AOT_hence y (y = ιx φ{x}) and y (y = ιx ψ{x}) by (metis "rule=I:1" "existential:1")+
1987  then AOT_obtain a and b where a_eq: a = ιx φ{x} and b_eq: b = ιx ψ{x}
1988    using "instantiation"[rotated] by metis
1989
1990  AOT_have αβ (α = β  β = α) by (rule "∀I"; rule "∀I"; rule "id-eq:2")
1991  AOT_hence β (ιx φ{x} = β  β = ιx φ{x})
1992    using "∀E" φ_down by blast
1993  AOT_hence ιx φ{x} = ιx ψ{x}  ιx ψ{x} = ιx φ{x}
1994    using "∀E" ψ_down by blast
1995  AOT_hence 1: ιx ψ{x} = ιx φ{x} using 0
1996    "→E" by blast
1997
1998  AOT_have 𝒜φ{x}  𝒜ψ{x} for x
1999  proof(rule "≡I"; rule "→I")
2000    AOT_assume 𝒜φ{x}
2001    moreover AOT_have 𝒜φ{x}  x = a for x
2002      using "nec-hintikka-scheme"[THEN "≡E"(1), OF a_eq, THEN "&E"(2)] "∀E" by blast
2003    ultimately AOT_have x = a using "→E" by blast
2004    AOT_hence x = ιx φ{x} using a_eq "rule=E" by blast
2005    AOT_hence x = ιx ψ{x} using 0 "rule=E" by blast
2006    AOT_thus 𝒜ψ{x} by (metis "actual-desc:3" "vdash-properties:6")
2007  next
2008    AOT_assume 𝒜ψ{x}
2009    moreover AOT_have 𝒜ψ{x}  x = b for x
2010      using "nec-hintikka-scheme"[THEN "≡E"(1), OF b_eq, THEN "&E"(2)] "∀E" by blast
2011    ultimately AOT_have x = b using "→E" by blast
2012    AOT_hence x = ιx ψ{x} using b_eq "rule=E" by blast
2013    AOT_hence x = ιx φ{x} using 1 "rule=E" by blast
2014    AOT_thus 𝒜φ{x} by (metis "actual-desc:3" "vdash-properties:6")
2015  qed
2016  AOT_hence 𝒜(φ{x}  ψ{x}) for x by (metis "Act-Basic:5" "≡E"(2))
2017  AOT_hence x 𝒜(φ{x}  ψ{x}) by (rule "∀I")
2018  AOT_thus 𝒜x (φ{x}  ψ{x})
2019    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)] by fast
2020qed    
2021
2022AOT_theorem "!box-desc:1": ∃!x φ{x}  y (y = ιx φ{x}  φ{y})
2023proof(rule "→I")
2024  AOT_assume ∃!x φ{x}
2025  AOT_hence ζ: x (φ{x} & z (φ{z}  z = x))
2026    using "uniqueness:1"[THEN "≡dfE"] by blast
2027  then AOT_obtain b where θ: φ{b} & z (φ{z}  z = b) using "instantiation"[rotated] by blast
2028  AOT_show y (y = ιx φ{x}  φ{y})
2029  proof(rule GEN; rule "→I")
2030    fix y
2031    AOT_assume y = ιx φ{x}
2032    AOT_hence 𝒜φ{y} & z (𝒜φ{z}  z = y) using "nec-hintikka-scheme"[THEN "≡E"(1)] by blast
2033    AOT_hence 𝒜φ{b}  b = y using "&E" "∀E" by blast
2034    moreover AOT_have 𝒜φ{b} using θ[THEN "&E"(1)]  by (metis "nec-imp-act" "→E")
2035    ultimately AOT_have b = y using "→E" by blast
2036    moreover AOT_have φ{b} using θ[THEN "&E"(1)]  by (metis "qml:2"[axiom_inst] "→E") 
2037    ultimately AOT_show φ{y} using "rule=E" by blast
2038  qed
2039qed
2040
2041AOT_theorem "!box-desc:2": x (φ{x}  φ{x})  (∃!x φ{x}  y (y = ιx φ{x}  φ{y}))
2042proof(rule "→I"; rule "→I")
2043  AOT_assume x (φ{x}  φ{x})
2044  moreover AOT_assume ∃!x φ{x}
2045  ultimately AOT_have ∃!x φ{x}
2046    using "nec-exist-!"[THEN "→E", THEN "→E"] by blast
2047  AOT_thus y (y = ιx φ{x}  φ{y})
2048    using "!box-desc:1" "→E" by blast
2049qed
2050
2051AOT_theorem "dr-alphabetic-thm": ιν φ{ν}  ιν φ{ν} = ιμ φ{μ} (* TODO: vacuous *)
2052  by (simp add: "rule=I:1" "→I")
2053
2054AOT_theorem "RM:1[prem]": assumes Γ  φ  ψ shows Γ  φ  ψ
2055proof -
2056  AOT_have Γ  (φ  ψ) using "RN[prem]" assms by blast
2057  AOT_thus Γ  φ  ψ by (metis "qml:1"[axiom_inst] "→E")
2058qed
2059
2060AOT_theorem "RM:1": assumes  φ  ψ shows  φ  ψ
2061  using "RM:1[prem]" assms by blast
2062
2063lemmas RM = "RM:1"
2064
2065AOT_theorem "RM:2[prem]": assumes Γ  φ  ψ shows Γ  φ  ψ
2066proof -
2067  AOT_have Γ  ¬ψ  ¬φ using assms 
2068    by (simp add: "contraposition:1[1]")
2069  AOT_hence Γ  ¬ψ  ¬φ using "RM:1[prem]" by blast
2070  AOT_thus Γ  φ  ψ
2071    by (meson "≡dfE" "≡dfI" "conventions:5" "deduction-theorem" "modus-tollens:1")
2072qed
2073
2074AOT_theorem "RM:2": assumes  φ  ψ shows  φ  ψ
2075  using "RM:2[prem]" assms by blast
2076
2077lemmas "RM◇" = "RM:2"
2078
2079AOT_theorem "RM:3[prem]": assumes Γ  φ  ψ shows Γ  φ  ψ
2080proof -
2081  AOT_have Γ  φ  ψ and Γ  ψ  φ using assms "≡E" "→I" by metis+
2082  AOT_hence Γ  φ  ψ and Γ  ψ  φ using "RM:1[prem]" by metis+
2083  AOT_thus Γ  φ  ψ
2084    by (simp add: "≡I")
2085qed
2086
2087AOT_theorem "RM:3": assumes  φ  ψ shows  φ  ψ
2088  using "RM:3[prem]" assms by blast
2089
2090lemmas RE = "RM:3"
2091
2092AOT_theorem "RM:4[prem]": assumes Γ  φ  ψ shows Γ  φ  ψ
2093proof -
2094  AOT_have Γ  φ  ψ and Γ  ψ  φ using assms "≡E" "→I" by metis+
2095  AOT_hence Γ  φ  ψ and Γ  ψ  φ using "RM:2[prem]" by metis+
2096  AOT_thus Γ  φ  ψ by (simp add: "≡I")
2097qed
2098
2099AOT_theorem "RM:4": assumes  φ  ψ shows  φ  ψ
2100  using "RM:4[prem]" assms by blast
2101
2102lemmas "RE◇" = "RM:4"
2103
2104AOT_theorem "KBasic:1": φ  (ψ  φ)
2105  by (simp add: RM "pl:1"[axiom_inst])
2106
2107AOT_theorem "KBasic:2": ¬φ  (φ  ψ)
2108  by (simp add: RM "useful-tautologies:3")
2109
2110AOT_theorem "KBasic:3": (φ & ψ)  (φ & ψ)
2111proof (rule "≡I"; rule "→I")
2112  AOT_assume (φ & ψ)
2113  AOT_thus φ & ψ
2114    by (meson RM "&I" "Conjunction Simplification"(1) "Conjunction Simplification"(2) "vdash-properties:6")
2115next
2116  AOT_have φ  (ψ  (φ & ψ)) by (simp add: "RM:1" Adjunction)
2117  AOT_hence φ  (ψ  (φ & ψ))  by (metis "Hypothetical Syllogism" "qml:1"[axiom_inst])
2118  moreover AOT_assume φ & ψ
2119  ultimately AOT_show (φ & ψ)
2120    using "→E" "&E" by blast
2121qed
2122
2123AOT_theorem "KBasic:4": (φ  ψ)  ((φ  ψ) & (ψ  φ))
2124proof -
2125  AOT_have θ: ((φ  ψ) & (ψ  φ))  ((φ  ψ) & (ψ  φ))
2126    by (fact "KBasic:3")
2127  AOT_modally_strict {
2128    AOT_have (φ  ψ)  ((φ  ψ) & (ψ  φ))
2129      by (fact "conventions:3"[THEN "≡Df"])
2130  }
2131  AOT_hence ξ: (φ  ψ)  ((φ  ψ) & (ψ  φ))
2132    by (rule RE)
2133  with ξ and θ AOT_show (φ  ψ)  ((φ  ψ) & (ψ  φ))
2134    using "≡E"(5) by blast
2135qed
2136
2137AOT_theorem "KBasic:5": ((φ  ψ) & (ψ  φ))  (φ  ψ)
2138proof -
2139  AOT_have (φ  ψ)  (φ  ψ)
2140    by (fact "qml:1"[axiom_inst])
2141  moreover AOT_have (ψ  φ)  (ψ  φ)
2142    by (fact "qml:1"[axiom_inst])
2143  ultimately AOT_have ((φ  ψ) & (ψ  φ))  ((φ  ψ) & (ψ  φ))
2144    by (metis "&I" MP "Double Composition")
2145  moreover AOT_have ((φ  ψ) & (ψ  φ))  (φ  ψ)
2146    using "conventions:3"[THEN "≡dfI"] "→I" by blast
2147  ultimately AOT_show ((φ  ψ) & (ψ  φ))  (φ  ψ)
2148    by (metis "Hypothetical Syllogism")
2149qed
2150
2151AOT_theorem "KBasic:6": (φ ψ)  (φ  ψ)
2152  using "KBasic:4" "KBasic:5" "deduction-theorem" "≡E"(1) "vdash-properties:10" by blast
2153AOT_theorem "KBasic:7": ((φ & ψ)  (¬φ & ¬ψ))  (φ  ψ)
2154proof (rule "→I"; drule "∨E"(1); (rule "→I")?)
2155  AOT_assume φ & ψ
2156  AOT_hence φ and ψ using "&E" by blast+
2157  AOT_hence (φ  ψ) and (ψ  φ) using "KBasic:1" "→E" by blast+
2158  AOT_hence (φ  ψ) & (ψ  φ) using "&I" by blast
2159  AOT_thus (φ  ψ)  by (metis "KBasic:4" "≡E"(2))
2160next
2161  AOT_assume ¬φ & ¬ψ
2162  AOT_hence 0: (¬φ & ¬ψ) using "KBasic:3"[THEN "≡E"(2)] by blast
2163  AOT_modally_strict {
2164    AOT_have (¬φ & ¬ψ)  (φ  ψ)
2165      by (metis "&E"(1) "&E"(2) "deduction-theorem" "≡I" "reductio-aa:1")
2166  }
2167  AOT_hence (¬φ & ¬ψ)  (φ  ψ)
2168    by (rule RM)
2169  AOT_thus (φ  ψ) using 0 "→E" by blast
2170qed(auto)
2171
2172AOT_theorem "KBasic:8": (φ & ψ)  (φ  ψ)
2173  by (meson "RM:1" "&E"(1) "&E"(2) "deduction-theorem" "≡I")
2174AOT_theorem "KBasic:9": (¬φ & ¬ψ)  (φ  ψ)
2175  by (metis "RM:1" "&E"(1) "&E"(2) "deduction-theorem" "≡I" "raa-cor:4")
2176AOT_theorem "KBasic:10": φ  ¬¬φ
2177  by (simp add: "RM:3" "oth-class-taut:3:b")
2178AOT_theorem "KBasic:11": ¬φ  ¬φ
2179proof (rule "≡I"; rule "→I")
2180  AOT_show ¬φ if ¬φ
2181    using that "≡dfI" "conventions:5" "KBasic:10" "≡E"(3) by blast
2182next
2183  AOT_show ¬φ if ¬φ
2184    using "≡dfE" "conventions:5" "KBasic:10" "≡E"(4) that by blast
2185qed
2186AOT_theorem "KBasic:12": φ  ¬¬φ
2187proof (rule "≡I"; rule "→I")
2188  AOT_show ¬¬φ if φ
2189    using "¬¬I" "KBasic:11" "≡E"(3) that by blast
2190next
2191  AOT_show φ if ¬¬φ
2192  using "KBasic:11" "≡E"(1) "reductio-aa:1" that by blast
2193qed
2194AOT_theorem "KBasic:13": (φ  ψ)  (φ  ψ)
2195proof -
2196  AOT_have φ  ψ  φ  ψ by blast
2197  AOT_hence (φ  ψ)  φ  ψ
2198    using "RM:2[prem]" by blast
2199  AOT_thus (φ  ψ)  (φ  ψ) using "→I" by blast
2200qed
2201lemmas "K◇" = "KBasic:13"
2202AOT_theorem "KBasic:14": φ  ¬¬φ
2203  by (meson "RE◇" "KBasic:11" "KBasic:12" "≡E"(6) "oth-class-taut:3:a")
2204AOT_theorem "KBasic:15": (φ  ψ)  (φ  ψ)
2205proof -
2206  AOT_modally_strict {
2207    AOT_have φ  (φ  ψ) and ψ  (φ  ψ)
2208      by (auto simp: "Disjunction Addition"(1) "Disjunction Addition"(2))
2209  }
2210  AOT_hence φ  (φ  ψ) and ψ  (φ  ψ)
2211    using RM by blast+
2212  AOT_thus (φ  ψ)  (φ  ψ)
2213    by (metis "∨E"(1) "deduction-theorem")
2214qed
2215
2216AOT_theorem "KBasic:16": (φ & ψ)  (φ & ψ)
2217  by (meson "KBasic:13" "RM:1" Adjunction "Hypothetical Syllogism" Importation "vdash-properties:6")
2218
2219AOT_theorem "rule-sub-lem:1:a":
2220  assumes  (ψ  χ)
2221  shows  ¬ψ  ¬χ
2222  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2223        "≡E"(1) "oth-class-taut:4:b" by blast
2224
2225AOT_theorem "rule-sub-lem:1:b":
2226  assumes  (ψ  χ)
2227  shows  (ψ  Θ)  (χ  Θ)
2228  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2229  using "oth-class-taut:4:c" "vdash-properties:6" by blast
2230
2231AOT_theorem "rule-sub-lem:1:c":
2232  assumes  (ψ  χ)
2233  shows  (Θ  ψ)  (Θ  χ)
2234  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2235  using "oth-class-taut:4:d" "vdash-properties:6" by blast
2236
2237AOT_theorem "rule-sub-lem:1:d":
2238  assumes for arbitrary α:  (ψ{α}  χ{α})
2239  shows  α ψ{α}  α χ{α}
2240proof -
2241  AOT_modally_strict {
2242    AOT_have α (ψ{α}  χ{α})
2243      using "qml:2"[axiom_inst, THEN "→E", OF assms] "∀I" by fast
2244    AOT_hence 0: ψ{α}  χ{α} for α using "∀E" by blast
2245    AOT_show α ψ{α}  α χ{α}
2246    proof (rule "≡I"; rule "→I")
2247      AOT_assume α ψ{α}
2248      AOT_hence ψ{α} for α using "∀E" by blast
2249      AOT_hence χ{α} for α using 0 "≡E" by blast
2250      AOT_thus α χ{α} by (rule "∀I")
2251    next
2252      AOT_assume α χ{α}
2253      AOT_hence χ{α} for α using "∀E" by blast
2254      AOT_hence ψ{α} for α using 0 "≡E" by blast
2255      AOT_thus α ψ{α} by (rule "∀I")
2256    qed
2257  }
2258qed
2259
2260AOT_theorem "rule-sub-lem:1:e":
2261  assumes  (ψ  χ)
2262  shows   ψ]   χ]
2263  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2264  using "≡E"(1) "propositions-lemma:6" by blast
2265
2266AOT_theorem "rule-sub-lem:1:f":
2267  assumes  (ψ  χ)
2268  shows  𝒜ψ  𝒜χ
2269  using "qml:2"[axiom_inst, THEN "→E", OF assms, THEN "RA[2]"]
2270  by (metis "Act-Basic:5" "≡E"(1))
2271
2272AOT_theorem "rule-sub-lem:1:g":
2273  assumes  (ψ  χ)
2274  shows  ψ  χ
2275  using "KBasic:6" assms "vdash-properties:6" by blast
2276
2277text‹Note that instead of deriving @{text "rule-sub-lem:2"}, @{text "rule-sub-lem:3"}, @{text "rule-sub-lem:4"},
2278     and @{text "rule-sub-nec"}, we construct substitution methods instead.›
2279
2280class AOT_subst =
2281  fixes AOT_subst :: "('a  𝗈)  bool"
2282    and AOT_subst_cond :: "'a  'a  bool"
2283  assumes AOT_subst: "AOT_subst φ  AOT_subst_cond ψ χ  [v  «φ ψ»  «φ χ»]"
2284
2285named_theorems AOT_substI
2286
2287instantiation 𝗈 :: AOT_subst
2288begin
2289
2290inductive AOT_subst_𝗈 where
2291  AOT_subst_𝗈_id[AOT_substI]: "AOT_subst_𝗈 (λφ. φ)"
2292| AOT_subst_𝗈_const[AOT_substI]: "AOT_subst_𝗈 (λφ. ψ)"
2293| AOT_subst_𝗈_not[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «¬Θ{φ}»)"
2294| AOT_subst_𝗈_imp[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 Ξ  AOT_subst_𝗈 (λ φ. «Θ{φ}  Ξ{φ}»)"
2295| AOT_subst_𝗈_lambda0[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. (AOT_lambda0 (Θ φ)))"
2296| AOT_subst_𝗈_act[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «𝒜Θ{φ}»)"
2297| AOT_subst_𝗈_box[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «Θ{φ}»)"
2298| AOT_subst_𝗈_by_def[AOT_substI]: "( ψ . AOT_model_equiv_def (Θ ψ) (Ξ ψ))  AOT_subst_𝗈 Ξ  AOT_subst_𝗈 Θ"
2299
2300definition AOT_subst_cond_𝗈 where "AOT_subst_cond_𝗈  λ ψ χ .  v . [v  ψ  χ]"
2301
2302instance
2303proof
2304  fix ψ χ :: 𝗈 and φ :: ‹𝗈  𝗈›
2305  assume cond: ‹AOT_subst_cond ψ χ
2306  assume ‹AOT_subst φ
2307  moreover AOT_have  ψ  χ using cond unfolding AOT_subst_cond_𝗈_def by blast
2308  ultimately AOT_show  φ{ψ}  φ{χ}
2309  proof (induct arbitrary: ψ χ)
2310    case AOT_subst_𝗈_id
2311    thus ?case using "≡E"(2) "oth-class-taut:4:b" "rule-sub-lem:1:a" by blast
2312  next
2313    case (AOT_subst_𝗈_const ψ)
2314    thus ?case by (simp add: "oth-class-taut:3:a")
2315  next
2316    case (AOT_subst_𝗈_not Θ)
2317    thus ?case by (simp add: RN "rule-sub-lem:1:a")
2318  next
2319    case (AOT_subst_𝗈_imp Θ Ξ)
2320    thus ?case by (meson RN "≡E"(5) "rule-sub-lem:1:b" "rule-sub-lem:1:c")
2321  next
2322    case (AOT_subst_𝗈_lambda0 Θ)
2323    thus ?case by (simp add: RN "rule-sub-lem:1:e")
2324  next
2325    case (AOT_subst_𝗈_act Θ)
2326    thus ?case by (simp add: RN "rule-sub-lem:1:f")
2327  next
2328    case (AOT_subst_𝗈_box Θ)
2329    thus ?case by (simp add: RN "rule-sub-lem:1:g")
2330  next
2331    case (AOT_subst_𝗈_by_def Θ Ξ)
2332    AOT_modally_strict {
2333      AOT_have Ξ{ψ}  Ξ{χ} using AOT_subst_𝗈_by_def by simp
2334      AOT_thus Θ{ψ}  Θ{χ}
2335        using "≡Df"[OF AOT_subst_𝗈_by_def(1), of _ ψ] "≡Df"[OF AOT_subst_𝗈_by_def(1), of _ χ]
2336        by (metis "≡E"(6) "oth-class-taut:3:a")
2337    }
2338  qed
2339qed
2340end
2341
2342instantiation "fun" :: (AOT_Term_id_2, AOT_subst) AOT_subst
2343begin
2344
2345definition AOT_subst_cond_fun :: "('a  'b)  ('a  'b)  bool" where
2346  "AOT_subst_cond_fun  λ φ ψ .  α . AOT_subst_cond (φ (AOT_term_of_var α)) (ψ (AOT_term_of_var α))"
2347
2348inductive AOT_subst_fun :: "(('a  'b)  𝗈)  bool" where
2349  AOT_subst_fun_const[AOT_substI]: "AOT_subst_fun (λφ. ψ)"
2350| AOT_subst_fun_id[AOT_substI]: "AOT_subst Ψ  AOT_subst_fun (λφ. Ψ (φ (AOT_term_of_var x)))"
2351| AOT_subst_fun_all[AOT_substI]: "AOT_subst Ψ  ( α . AOT_subst_fun (Θ (AOT_term_of_var α)))  AOT_subst_fun (λφ :: 'a  'b. Ψ «α «Θ (α::'a) φ»»)"
2352| AOT_subst_fun_not[AOT_substI]: "AOT_subst Ψ  AOT_subst_fun (λφ. «¬«Ψ φ»»)"
2353| AOT_subst_fun_imp[AOT_substI]: "AOT_subst Ψ  AOT_subst Θ  AOT_subst_fun (λφ. ««Ψ φ»  «Θ φ»»)"
2354| AOT_subst_fun_lambda0[AOT_substI]: "AOT_subst Θ  AOT_subst_fun (λ φ. (AOT_lambda0 (Θ φ)))"
2355| AOT_subst_fun_act[AOT_substI]: "AOT_subst Θ  AOT_subst_fun (λ φ. «𝒜«Θ φ»»)"
2356| AOT_subst_fun_box[AOT_substI]: "AOT_subst Θ  AOT_subst_fun (λ φ. ««Θ φ»»)"
2357| AOT_subst_fun_def[AOT_substI]: "( φ . AOT_model_equiv_def (Θ φ) (Ψ φ))  AOT_subst_fun Ψ  AOT_subst_fun Θ"
2358
2359instance proof
2360  fix ψ χ :: "'a  'b" and φ :: ('a  'b)  𝗈›
2361  assume ‹AOT_subst φ
2362  moreover assume cond: ‹AOT_subst_cond ψ χ
2363  ultimately AOT_show  «φ ψ»  «φ χ»
2364  proof(induct)
2365    case (AOT_subst_fun_const ψ)
2366    then show ?case by (simp add: "oth-class-taut:3:a")
2367  next
2368  case (AOT_subst_fun_id Ψ x)
2369  then show ?case by (simp add: AOT_subst AOT_subst_cond_fun_def) 
2370  next
2371  case (AOT_subst_fun_all Ψ Θ)
2372  AOT_have  (Θ{α, «ψ»}  Θ{α, «χ»}) for α
2373    using AOT_subst_fun_all.hyps(3) AOT_subst_fun_all.prems RN by presburger
2374  thus ?case using AOT_subst[OF AOT_subst_fun_all(1)]
2375    by (simp add: RN "rule-sub-lem:1:d" AOT_subst_cond_fun_def AOT_subst_cond_𝗈_def)
2376  next
2377  case (AOT_subst_fun_not Ψ)
2378  then show ?case by (simp add: RN "rule-sub-lem:1:a")
2379  next
2380  case (AOT_subst_fun_imp Ψ Θ)
2381  then show ?case 
2382    unfolding AOT_subst_cond_fun_def AOT_subst_cond_𝗈_def
2383    by (meson "≡E"(5) "oth-class-taut:4:c" "oth-class-taut:4:d" "vdash-properties:6")
2384  next
2385  case (AOT_subst_fun_lambda0 Θ)
2386  then show ?case by (simp add: RN "rule-sub-lem:1:e")
2387  next
2388  case (AOT_subst_fun_act Θ)
2389  then show ?case by (simp add: RN "rule-sub-lem:1:f")
2390  next
2391  case (AOT_subst_fun_box Θ)
2392  then show ?case by (simp add: RN "rule-sub-lem:1:g")
2393  next
2394  case (AOT_subst_fun_def Θ Ψ)
2395  then show ?case
2396    by (meson "df-rules-formulas[3]" "df-rules-formulas[4]" "≡I" "≡E"(5))
2397  qed
2398qed
2399end
2400
2401method_setup AOT_defI =
2402‹Scan.lift (Scan.succeed (fn ctxt => (Method.CONTEXT_METHOD (fn thms => (Context_Tactic.CONTEXT_SUBGOAL (fn (trm,int) => 
2403Context_Tactic.CONTEXT_TACTIC (
2404let
2405fun findHeadConst (Const x) = SOME x
2406  | findHeadConst (A $ B) = findHeadConst A
2407  | findHeadConst _ = NONE
2408fun findDef (Const (const_name‹AOT_model_equiv_def›, _) $ lhs $ rhs) = findHeadConst lhs
2409  | findDef (A $ B) = (case findDef A of SOME x => SOME x | _ => findDef B)
2410  | findDef (Abs (a,b,c)) = findDef c
2411  | findDef _ = NONE
2412val const_opt = (findDef trm)
2413val defs = case const_opt of SOME const => List.filter (fn thm => let
2414    val concl = Thm.concl_of thm
2415    val thmconst = (findDef concl)
2416    in case thmconst of SOME (c,_) => fst const = c | _ => false end) (AOT_Definitions.get ctxt)
2417    | _ => []
2418in
2419resolve_tac ctxt defs 1
2420end
2421)) 1)))))
2422‹Resolve AOT definitions›
2423
2424method AOT_subst_intro_helper = ((rule AOT_substI
2425      | AOT_defI
2426      | (simp only: AOT_subst_cond_𝗈_def AOT_subst_cond_fun_def; ((rule allI)+)?)))
2427
2428method AOT_subst for ψ::"'a::AOT_subst" and χ::"'a::AOT_subst" =
2429    (match conclusion in "[v  «φ ψ»]" for φ and v 
2430      match (φ) in "λa . ?p" fail¦ "λa . a" fail2431       ¦ _ rule AOT_subst[where φ=φ and ψ=ψ and χ=χ, THEN "≡E"(2)]
2432       ; (AOT_subst_intro_helper+)?››)
2433
2434method AOT_subst_rev for χ::"'a::AOT_subst" and ψ::"'a::AOT_subst" =
2435    (match conclusion in "[v  «φ ψ»]" for φ and v 
2436      match (φ) in "λa . ?p" fail¦ "λa . a" fail2437       ¦ _ rule AOT_subst[where φ=φ and ψ=χ and χ=ψ, THEN "≡E"(1)]
2438       ; (AOT_subst_intro_helper+)?››)
2439
2440method AOT_subst_manual for φ::"'a::AOT_subst  𝗈" =
2441    (rule AOT_subst[where φ=φ, THEN "≡E"(2)]; (AOT_subst_intro_helper+)?)
2442
2443method AOT_subst_manual_rev for φ::"'a::AOT_subst  𝗈" =
2444    (rule AOT_subst[where φ=φ, THEN "≡E"(1)]; (AOT_subst_intro_helper+)?)
2445
2446method AOT_subst_using uses subst =
2447    (match subst in "[?w  ψ  χ]" for ψ χ  2448       match conclusion in "[v  «φ ψ»]" for φ v 2449         rule AOT_subst[where φ=φ and ψ=ψ and χ=χ, THEN "≡E"(2)]
2450         ; ((AOT_subst_intro_helper | (fact subst; fail))+)?››)
2451
2452method AOT_subst_using_rev uses subst =
2453    (match subst in "[?w  ψ  χ]" for ψ χ  2454      match conclusion in "[v  «φ χ»]" for φ v 2455        rule AOT_subst[where φ=φ and ψ=ψ and χ=χ, THEN "≡E"(1)]
2456        ; ((AOT_subst_intro_helper | (fact subst; fail))+)?››)
2457
2458AOT_theorem "rule-sub-remark:1[1]": assumes  A!x  ¬E!x and ¬A!x shows ¬¬E!x
2459  by (AOT_subst_rev "«A!x»" "«¬E!x»") (auto simp: assms)
2460
2461AOT_theorem "rule-sub-remark:1[2]": assumes  A!x  ¬E!x and  ¬¬E!x shows ¬A!x
2462  by (AOT_subst "«A!x»" "«¬E!x»") (auto simp: assms)
2463
2464AOT_theorem "rule-sub-remark:2[1]":
2465  assumes  [R]xy  ([R]xy & ([Q]a  ¬[Q]a)) and p  [R]xy shows p  [R]xy & ([Q]a  ¬[Q]a)
2466  by (AOT_subst_using_rev subst: assms(1)) (simp add: assms(2))
2467
2468AOT_theorem "rule-sub-remark:2[2]":
2469  assumes  [R]xy  ([R]xy & ([Q]a  ¬[Q]a)) and p  [R]xy & ([Q]a  ¬[Q]a) shows p  [R]xy
2470  by (AOT_subst_using subst: assms(1)) (simp add: assms(2))
2471
2472AOT_theorem "rule-sub-remark:3[1]":
2473  assumes for arbitrary x:  A!x  ¬E!x
2474      and x A!x
2475    shows x ¬E!x
2476  by (AOT_subst_rev "λκ. «A!κ»" "λκ. «¬E!κ»") (auto simp: assms)
2477
2478AOT_theorem "rule-sub-remark:3[2]":
2479  assumes for arbitrary x:  A!x  ¬E!x
2480      and x ¬E!x
2481    shows x A!x
2482  by (AOT_subst "λκ. «A!κ»" "λκ. «¬E!κ»") (auto simp: assms)
2483
2484AOT_theorem "rule-sub-remark:4[1]":
2485  assumes  ¬¬[P]x  [P]x and 𝒜¬¬[P]x shows 𝒜[P]x
2486  by (AOT_subst_using_rev subst: assms(1)) (simp add: assms(2))
2487
2488AOT_theorem "rule-sub-remark:4[2]":
2489  assumes  ¬¬[P]x  [P]x and 𝒜[P]x shows 𝒜¬¬[P]x
2490  by (AOT_subst_using subst: assms(1)) (simp add: assms(2))
2491
2492AOT_theorem "rule-sub-remark:5[1]":
2493  assumes  (φ  ψ)  (¬ψ  ¬φ) and (φ  ψ) shows (¬ψ  ¬φ)
2494  by (AOT_subst_using_rev subst: assms(1)) (simp add: assms(2))
2495
2496AOT_theorem "rule-sub-remark:5[2]":
2497  assumes  (φ  ψ)  (¬ψ  ¬φ) and (¬ψ  ¬φ) shows (φ  ψ) 
2498  by (AOT_subst_using subst: assms(1)) (simp add: assms(2))
2499
2500AOT_theorem "rule-sub-remark:6[1]":
2501  assumes  ψ  χ and (φ  ψ) shows (φ  χ) 
2502  by (AOT_subst_using_rev subst: assms(1)) (simp add: assms(2))
2503
2504AOT_theorem "rule-sub-remark:6[2]":
2505  assumes  ψ  χ and (φ  χ) shows (φ  ψ)
2506  by (AOT_subst_using subst: assms(1)) (simp add: assms(2))
2507
2508AOT_theorem "rule-sub-remark:7[1]":
2509  assumes  φ  ¬¬φ and (φ  φ) shows (¬¬φ  φ) 
2510  by (AOT_subst_using_rev subst: assms(1)) (simp add: assms(2))
2511
2512AOT_theorem "rule-sub-remark:7[2]":
2513  assumes  φ  ¬¬φ and (¬¬φ  φ) shows  (φ  φ)
2514  by (AOT_subst_using subst: assms(1)) (simp add: assms(2))
2515
2516AOT_theorem "KBasic2:1": ¬φ  ¬φ
2517  by (meson "conventions:5" "contraposition:2" "Hypothetical Syllogism" "df-rules-formulas[3]"
2518            "df-rules-formulas[4]" "≡I" "useful-tautologies:1")
2519
2520AOT_theorem "KBasic2:2": (φ  ψ)  (φ  ψ)
2521proof -
2522  AOT_have (φ  ψ)  ¬(¬φ & ¬ψ)
2523    by (simp add: "RE◇" "oth-class-taut:5:b")
2524  also AOT_have   ¬(¬φ & ¬ψ)
2525    using "KBasic:11" "≡E"(6) "oth-class-taut:3:a" by blast
2526  also AOT_have   ¬(¬φ & ¬ψ)
2527    using "KBasic:3" "≡E"(1) "oth-class-taut:4:b" by blast
2528  also AOT_have   ¬(¬φ & ¬ψ)
2529    apply (AOT_subst_rev "«¬φ»" "«¬φ»")
2530    apply (simp add: "KBasic2:1")
2531    apply (AOT_subst_rev "«¬ψ»" "«¬ψ»")
2532    by (auto simp: "KBasic2:1" "oth-class-taut:3:a")
2533  also AOT_have   ¬¬(φ  ψ)
2534    using "≡E"(6) "oth-class-taut:3:b" "oth-class-taut:5:b" by blast
2535  also AOT_have   φ  ψ
2536    by (simp add: "≡I" "useful-tautologies:1" "useful-tautologies:2")
2537  finally show ?thesis .
2538qed
2539
2540AOT_theorem "KBasic2:3": (φ & ψ)  (φ & ψ)
2541  by (metis "RM◇" "&I" "Conjunction Simplification"(1) "Conjunction Simplification"(2) "deduction-theorem" "modus-tollens:1" "reductio-aa:1")
2542
2543AOT_theorem "KBasic2:4": (φ  ψ)  (φ  ψ)
2544proof -
2545  AOT_have (φ  ψ)  (¬φ  ψ)
2546    by (AOT_subst "«φ  ψ»" "«¬φ  ψ»")
2547       (auto simp: "oth-class-taut:1:c" "oth-class-taut:3:a")
2548  also AOT_have ...  ¬φ  ψ
2549    by (simp add: "KBasic2:2")
2550  also AOT_have ...  ¬φ  ψ
2551    by (AOT_subst "«¬φ»" "«¬φ»")
2552       (auto simp: "KBasic:11" "oth-class-taut:3:a")
2553  also AOT_have ...  φ  ψ
2554    using "≡E"(6) "oth-class-taut:1:c" "oth-class-taut:3:a" by blast
2555  finally show ?thesis .
2556qed
2557
2558AOT_theorem "KBasic2:5": φ  ¬¬φ
2559  apply (AOT_subst "«φ»" "«¬¬φ»")
2560   apply (simp add: "conventions:5" "≡Df")
2561  apply (AOT_subst "«¬¬φ»" "«¬¬¬¬φ»")
2562   apply (simp add: "conventions:5" "≡Df")
2563  apply (AOT_subst_rev "«¬φ»"  "«¬¬¬φ»")
2564   apply (simp add: "oth-class-taut:3:b")
2565  by (simp add: "oth-class-taut:3:a")
2566
2567
2568AOT_theorem "KBasic2:6": (φ  ψ)  (φ  ψ)
2569proof(rule "→I"; rule "raa-cor:1")
2570  AOT_assume (φ  ψ)
2571  AOT_hence (¬φ  ψ)
2572    apply - apply (AOT_subst_rev "«φ  ψ»" "«¬φ  ψ»")
2573    by (simp add: "conventions:2" "≡Df")
2574  AOT_hence 1: ¬φ  ψ using "KBasic:13" "vdash-properties:10" by blast
2575  AOT_assume ¬(φ  ψ)
2576  AOT_hence ¬φ and ¬ψ using "&E" "≡E"(1) "oth-class-taut:5:d" by blast+
2577  AOT_thus ψ & ¬ψ using "&I"(1) 1[THEN "→E"] "KBasic:11" "≡E"(4) "raa-cor:3" by blast
2578qed
2579
2580AOT_theorem "KBasic2:7": ((φ  ψ) & ¬φ)  ψ
2581proof(rule "→I"; frule "&E"(1); drule "&E"(2))
2582  AOT_assume (φ  ψ)
2583  AOT_hence 1: φ  ψ
2584    using "KBasic2:6" "∨I"(2) "∨E"(1) by blast
2585  AOT_assume ¬φ
2586  AOT_hence ¬φ using "KBasic:11" "≡E"(2) by blast
2587  AOT_thus ψ using 1 "∨E"(2) by blast
2588qed
2589
2590AOT_theorem "T-S5-fund:1": φ  φ
2591  by (meson "≡dfI" "conventions:5" "contraposition:2" "Hypothetical Syllogism" "deduction-theorem" "qml:2"[axiom_inst])
2592lemmas "T◇" = "T-S5-fund:1"
2593
2594AOT_theorem "T-S5-fund:2": φ  φ
2595proof(rule "→I")
2596  AOT_assume φ
2597  AOT_hence ¬¬φ
2598    using "KBasic:14" "≡E"(4) "raa-cor:3" by blast
2599  moreover AOT_have ¬φ  ¬φ
2600    by (fact "qml:3"[axiom_inst])
2601  ultimately AOT_have ¬¬φ
2602    using "modus-tollens:1" by blast
2603  AOT_thus φ using "KBasic:12" "≡E"(2) by blast
2604qed
2605lemmas "5◇" = "T-S5-fund:2"
2606
2607(* Also interestingly none of these have proofs in PLM. *)
2608AOT_theorem "Act-Sub:1": 𝒜φ  ¬𝒜¬φ
2609  by (AOT_subst "«𝒜¬φ»" "«¬𝒜φ»")
2610     (auto simp: "logic-actual-nec:1"[axiom_inst] "oth-class-taut:3:b")
2611
2612AOT_theorem "Act-Sub:2": φ  𝒜φ
2613  apply (AOT_subst "«φ»" "«¬¬φ»")
2614   apply (simp add: "conventions:5" "≡Df")
2615  by (metis "deduction-theorem" "≡I" "≡E"(1) "≡E"(2) "≡E"(3)
2616            "logic-actual-nec:1"[axiom_inst] "qml-act:2"[axiom_inst])
2617
2618AOT_theorem "Act-Sub:3": 𝒜φ  φ
2619  apply (AOT_subst "«φ»" "«¬¬φ»")
2620   apply (simp add: "conventions:5" "≡Df")
2621  by (metis "Act-Sub:1" "deduction-theorem" "≡E"(4) "nec-imp-act" "reductio-aa:2" "vdash-properties:6")
2622
2623
2624AOT_theorem "Act-Sub:4": 𝒜φ  𝒜φ
2625proof (rule "≡I"; rule "→I")
2626  AOT_assume 𝒜φ
2627  AOT_thus 𝒜φ using "T◇" "vdash-properties:10" by blast
2628next
2629  AOT_assume 𝒜φ
2630  AOT_hence ¬¬𝒜φ
2631    using "≡dfE" "conventions:5" by blast
2632  AOT_hence ¬𝒜¬φ
2633    apply - apply (AOT_subst "«𝒜¬φ»" "«¬𝒜φ»")
2634    by (simp add: "logic-actual-nec:1"[axiom_inst])
2635  AOT_thus 𝒜φ
2636      using "Act-Basic:1" "Act-Basic:6" "∨E"(3) "≡E"(4) "reductio-aa:1" by blast
2637qed
2638
2639AOT_theorem "Act-Sub:5": 𝒜φ  𝒜φ
2640  by (metis "Act-Sub:2" "Act-Sub:3" "Act-Sub:4" "deduction-theorem" "≡E"(1) "≡E"(2) "vdash-properties:6")
2641
2642AOT_theorem "S5Basic:1": φ  φ
2643  by (simp add: "≡I" "qml:2" "qml:3" "vdash-properties:1[2]")
2644
2645AOT_theorem "S5Basic:2": φ  φ
2646  by (simp add: "T◇" "5◇" "≡I")
2647
2648AOT_theorem "S5Basic:3": φ  φ
2649  using "T◇" "Hypothetical Syllogism" "qml:3" "vdash-properties:1[2]" by blast
2650lemmas "B" = "S5Basic:3"
2651
2652AOT_theorem "S5Basic:4": φ  φ
2653  using "5◇" "Hypothetical Syllogism" "qml:2" "vdash-properties:1[2]" by blast
2654lemmas "B◇" = "S5Basic:4"
2655
2656AOT_theorem "S5Basic:5": φ  φ
2657  using "RM:1" "B" "5◇" "Hypothetical Syllogism" by blast
2658lemmas "4" = "S5Basic:5"
2659
2660AOT_theorem "S5Basic:6": φ  φ
2661  by (simp add: "4" "≡I" "qml:2"[axiom_inst])
2662
2663AOT_theorem "S5Basic:7": φ  φ
2664  apply (AOT_subst "«φ»" "«¬¬φ»")
2665   apply (simp add: "conventions:5" "≡Df")
2666  apply (AOT_subst "«φ»" "«¬¬φ»")
2667   apply (simp add: "conventions:5" "≡Df")
2668  apply (AOT_subst_rev "«¬φ»" "«¬¬¬φ»")
2669   apply (simp add: "oth-class-taut:3:b")
2670  apply (AOT_subst_rev "«¬φ»" "«¬φ»")
2671   apply (simp add: "S5Basic:6")
2672  by (simp add: "if-p-then-p")
2673
2674lemmas "4◇" = "S5Basic:7"
2675
2676AOT_theorem "S5Basic:8": φ  φ
2677  by (simp add: "4◇" "T◇" "≡I")
2678
2679AOT_theorem "S5Basic:9": (φ  ψ)  (φ  ψ)
2680  apply (rule "≡I"; rule "→I")
2681  using "KBasic2:6" "5◇" "∨I"(3) "if-p-then-p" "vdash-properties:10" apply blast
2682  by (meson "KBasic:15" "4" "∨I"(3) "∨E"(1) "Disjunction Addition"(1) "con-dis-taut:7"
2683            "intro-elim:1" "Commutativity of ∨")
2684
2685AOT_theorem "S5Basic:10": (φ  ψ)  (φ  ψ)
2686(* Note: nicely this proof is entirely sledgehammer generated *)
2687proof(rule "≡I"; rule "→I")
2688  AOT_assume (φ  ψ)
2689  AOT_hence φ  ψ
2690    by (meson "KBasic2:6" "∨I"(2) "∨E"(1))
2691  AOT_thus φ  ψ
2692    by (meson "B◇" "4" "4◇" "T◇" "∨I"(3))
2693next
2694  AOT_assume φ  ψ
2695  AOT_hence φ  ψ
2696    by (meson "S5Basic:1" "B◇" "S5Basic:6" "T◇" "5◇" "∨I"(3) "intro-elim:1")
2697  AOT_thus (φ  ψ)
2698    by (meson "KBasic:15" "∨I"(3) "∨E"(1) "Disjunction Addition"(1) "Disjunction Addition"(2))
2699qed
2700
2701AOT_theorem "S5Basic:11": (φ & ψ)  (φ & ψ)
2702proof -
2703  AOT_have (φ & ψ)  ¬(¬φ  ¬ψ)
2704    by (AOT_subst "«φ & ψ»" "«¬(¬φ  ¬ψ)»")
2705       (auto simp: "oth-class-taut:5:a" "oth-class-taut:3:a")
2706  also AOT_have   ¬(¬φ  ¬ψ)
2707    by (AOT_subst "«¬ψ»" "«¬ψ»")
2708       (auto simp: "KBasic2:1" "oth-class-taut:3:a")
2709  also AOT_have   ¬(¬φ  ¬ψ)
2710    using "KBasic:11" "≡E"(6) "oth-class-taut:3:a" by blast
2711  also AOT_have   ¬(¬φ  ¬ψ)
2712    using "S5Basic:9" "≡E"(1) "oth-class-taut:4:b" by blast
2713  also AOT_have   ¬(¬φ  ¬ψ)
2714    apply (AOT_subst "«¬φ»" "«¬φ»")
2715     apply (simp add: "KBasic2:1")
2716    apply (AOT_subst "«¬ψ»" "«¬ψ»")
2717    by (auto simp: "KBasic2:1" "oth-class-taut:3:a")
2718  also AOT_have   φ & ψ
2719    using "≡E"(6) "oth-class-taut:3:a" "oth-class-taut:5:a" by blast
2720  finally show ?thesis .
2721qed
2722
2723AOT_theorem "S5Basic:12": (φ & ψ)  (φ & ψ)
2724proof (rule "≡I"; rule "→I")
2725  AOT_assume (φ & ψ)
2726  AOT_hence φ & ψ
2727    using "KBasic2:3" "vdash-properties:6" by blast
2728  AOT_thus φ & ψ
2729    using "5◇" "&I" "&E"(1) "&E"(2) "vdash-properties:6" by blast
2730next
2731  AOT_assume φ & ψ
2732  moreover AOT_have (ψ & φ)  (φ & ψ)
2733    by (AOT_subst "«φ & ψ»" "«ψ & φ»")
2734       (auto simp: "Commutativity of &" "KBasic:16")
2735  ultimately AOT_show (φ & ψ)
2736    by (metis "4" "&I" "Conjunction Simplification"(1) "Conjunction Simplification"(2) "vdash-properties:6")
2737qed
2738
2739
2740AOT_theorem "S5Basic:13": (φ  ψ)  (φ  ψ)
2741proof (rule "≡I")
2742  AOT_modally_strict {
2743    AOT_have (φ  ψ)  (φ  ψ)
2744      by (meson "KBasic:13" "B◇" "Hypothetical Syllogism" "deduction-theorem")
2745  }
2746  AOT_hence (φ  ψ)  (φ  ψ)
2747    by (rule RM)
2748  AOT_thus  (φ  ψ)  (φ  ψ)
2749    using "4" "Hypothetical Syllogism" by blast
2750next
2751  AOT_modally_strict {
2752    AOT_have (φ  ψ)  (φ  ψ)
2753      by (meson "B" "Hypothetical Syllogism" "deduction-theorem" "qml:1" "vdash-properties:1[2]")
2754  }
2755  AOT_hence  (φ  ψ)  (φ  ψ)
2756    by (rule RM)
2757  AOT_thus (φ  ψ)  (φ  ψ)
2758    using "4" "Hypothetical Syllogism" by blast
2759qed
2760
2761AOT_theorem "derived-S5-rules:1":
2762  assumes Γ  φ  ψ shows Γ  φ  ψ
2763proof -
2764  AOT_have Γ  φ  ψ
2765    using assms by (rule "RM:1[prem]")
2766  AOT_thus Γ  φ  ψ
2767    using "B" "Hypothetical Syllogism" by blast
2768qed
2769
2770AOT_theorem "derived-S5-rules:2":
2771  assumes Γ  φ  ψ shows Γ  φ  ψ
2772proof -
2773  AOT_have Γ  φ  ψ
2774    using assms by (rule "RM:2[prem]")
2775  AOT_thus Γ  φ  ψ
2776    using "B◇" "Hypothetical Syllogism" by blast
2777qed
2778
2779AOT_theorem "BFs:1": α φ{α}  α φ{α}
2780proof -
2781  AOT_modally_strict {
2782    AOT_modally_strict {
2783      AOT_have α φ{α}  φ{α} for α by (fact AOT)
2784    }
2785    AOT_hence α φ{α}  φ{α} for α by (rule "RM◇")
2786    AOT_hence α φ{α}  α φ{α}
2787      using "B◇" "∀I" "→E" "→I" by metis
2788  }
2789  thus ?thesis using "derived-S5-rules:1" by blast
2790qed
2791lemmas "BF" = "BFs:1"
2792
2793AOT_theorem "BFs:2": α φ{α}  α φ{α}
2794proof -
2795  AOT_have α φ{α}  φ{α} for α using RM "cqt-orig:3" by metis
2796  thus ?thesis using  "cqt-orig:2"[THEN "→E"] "∀I" by metis
2797qed
2798lemmas "CBF" = "BFs:2"
2799
2800AOT_theorem "BFs:3": α φ{α}  α φ{α}
2801proof(rule "→I")
2802  AOT_modally_strict {
2803    AOT_have α ¬φ{α}  α ¬φ{α}
2804      using BF CBF "≡I" by blast
2805  } note θ = this
2806
2807  AOT_assume α φ{α}
2808  AOT_hence ¬¬(α φ{α})
2809    using "≡dfE" "conventions:5" by blast
2810  AOT_hence ¬α ¬φ{α}
2811    apply - apply (AOT_subst "«α ¬φ{α}»" "«¬(α φ{α})»")
2812    using "≡dfI" "conventions:3" "conventions:4" "&I" "contraposition:2" "cqt-further:4"
2813          "df-rules-formulas[1]" "vdash-properties:1[2]" by blast
2814  AOT_hence ¬α ¬φ{α}
2815    apply - apply (AOT_subst_using_rev subst: θ)
2816    using θ by blast
2817  AOT_hence ¬α ¬¬¬φ{α}
2818    apply - apply (AOT_subst_rev "λ τ. «¬φ{τ}»"  "λ τ. «¬¬¬φ{τ}»")
2819    by (simp add: "oth-class-taut:3:b")
2820  AOT_hence 0: α ¬¬φ{α}
2821    by (rule "conventions:4"[THEN "≡dfI"])
2822  AOT_show α φ{α}
2823    apply (AOT_subst "λ τ . «φ{τ}»" "λ τ . «¬¬φ{τ}»")
2824     apply (simp add: "conventions:5" "≡Df")
2825    using 0 by blast
2826qed
2827lemmas "BF◇" = "BFs:3"
2828
2829AOT_theorem "BFs:4": α φ{α}  α φ{α}
2830proof(rule "→I")
2831  AOT_assume α φ{α}
2832  AOT_hence ¬α ¬φ{α}
2833    using "conventions:4"[THEN "≡dfE"] by blast
2834  AOT_hence ¬α ¬φ{α}
2835    apply - apply (AOT_subst "λ τ . «¬φ{τ}»" "λ τ . «¬φ{τ}»")
2836    by (simp add: "KBasic2:1")
2837  moreover AOT_have α ¬φ{α}  α ¬φ{α}
2838    using "≡I" "BF" "CBF" by metis
2839  ultimately AOT_have 1: ¬α ¬φ{α}
2840    using "≡E"(3) by blast
2841  AOT_show α φ{α}
2842    apply (rule "conventions:5"[THEN "≡dfI"])
2843    apply (AOT_subst "«α φ{α}»" "«¬α ¬φ{α}»")
2844     apply (simp add: "conventions:4" "≡Df")
2845    apply (AOT_subst "«¬¬α ¬φ{α}»" "«α ¬φ{α}»")
2846    by (auto simp: 1 "≡I" "useful-tautologies:1" "useful-tautologies:2")
2847qed
2848lemmas "CBF◇" = "BFs:4"
2849
2850AOT_theorem "sign-S5-thm:1": α φ{α}  α φ{α}
2851proof(rule "→I")
2852  AOT_assume α φ{α}
2853  then AOT_obtain α where φ{α} using "∃E" by metis
2854  moreover AOT_have α
2855    by (simp add: "ex:1:a" "rule-ui:2[const_var]" RN)
2856  moreover AOT_have φ{τ}, τ  α φ{α} for τ
2857  proof -
2858    AOT_have φ{τ}, τ  α φ{α} using "existential:1" by blast
2859    AOT_thus φ{τ}, τ  α φ{α}
2860      using "RN[prem]"[where Γ="{φ τ, «τ»}", simplified] by blast
2861  qed
2862  ultimately AOT_show α φ{α} by blast
2863qed
2864lemmas Buridan = "sign-S5-thm:1"
2865
2866AOT_theorem "sign-S5-thm:2": α φ{α}  α φ{α}
2867proof -
2868  AOT_have α (α φ{α}  φ{α})
2869    by (simp add: "RM◇" "cqt-orig:3" "∀I")
2870  AOT_thus α φ{α}  α φ{α}
2871    using "∀E"(4) "∀I" "→E" "→I" by metis
2872qed
2873lemmas "Buridan◇" = "sign-S5-thm:2"
2874
2875AOT_theorem "sign-S5-thm:3": α (φ{α} & ψ{α})  (α φ{α} & α ψ{α})
2876  apply (rule "RM:2")
2877  by (metis (no_types, lifting) "instantiation" "&I" "&E"(1)
2878                                "&E"(2) "deduction-theorem" "existential:2[const_var]")
2879
2880AOT_theorem "sign-S5-thm:4": α (φ{α} & ψ{α})  α φ{α}
2881  apply (rule "RM:2")
2882  by (meson "instantiation" "&E"(1) "deduction-theorem" "existential:2[const_var]")
2883
2884AOT_theorem "sign-S5-thm:5": (α (φ{α}  ψ{α}) & α (ψ{α}  χ{α}))  α (φ{α}  χ{α})
2885proof -
2886  {
2887    fix φ' ψ' χ'
2888    AOT_assume  φ' & ψ'  χ'
2889    AOT_hence φ' & ψ'  χ'
2890      using "RN[prem]"[where Γ="{φ', ψ'}"] apply simp
2891      using "&E" "&I" "→E" "→I" by metis
2892  } note R = this
2893  show ?thesis by (rule R; fact AOT)
2894qed
2895
2896AOT_theorem "sign-S5-thm:6": (α (φ{α}  ψ{α}) & α(ψ{α}  χ{α}))  α(φ{α}  χ{α})
2897proof -
2898  {
2899    fix φ' ψ' χ'
2900    AOT_assume  φ' & ψ'  χ'
2901    AOT_hence φ' & ψ'  χ'
2902      using "RN[prem]"[where Γ="{φ', ψ'}"] apply simp
2903      using "&E" "&I" "→E" "→I" by metis
2904  } note R = this
2905  show ?thesis by (rule R; fact AOT)
2906qed
2907
2908AOT_theorem "exist-nec2:1": τ  τ
2909  using "B◇" "RM◇" "Hypothetical Syllogism" "exist-nec" by blast
2910
2911AOT_theorem "exists-nec2:2": τ  τ
2912  by (meson "Act-Sub:3" "Hypothetical Syllogism" "exist-nec" "exist-nec2:1" "≡I" "nec-imp-act")
2913
2914AOT_theorem "exists-nec2:3": ¬τ  ¬τ
2915  using "KBasic2:1" "deduction-theorem" "exist-nec2:1" "≡E"(2) "modus-tollens:1" by blast
2916
2917AOT_theorem "exists-nec2:4": ¬τ  ¬τ
2918  by (metis "Act-Sub:3" "KBasic:12" "deduction-theorem" "exist-nec" "exists-nec2:3" "≡I" "≡E"(4) "nec-imp-act" "reductio-aa:1")
2919
2920AOT_theorem "id-nec2:1": α = β  α = β
2921  using "B◇" "RM◇" "Hypothetical Syllogism" "id-nec:1" by blast
2922
2923AOT_theorem "id-nec2:2": α  β  α  β
2924  apply (AOT_subst_using subst: "=-infix"[THEN "≡Df"])
2925  using "KBasic2:1" "deduction-theorem" "id-nec2:1" "≡E"(2) "modus-tollens:1" by blast
2926
2927AOT_theorem "id-nec2:3": α  β  α  β
2928  apply (AOT_subst_using subst: "=-infix"[THEN "≡Df"])
2929  by (metis "KBasic:11" "deduction-theorem" "id-nec:2" "≡E"(3) "reductio-aa:2" "vdash-properties:6")
2930
2931AOT_theorem "id-nec2:4": α = β  α = β
2932  using "Hypothetical Syllogism" "id-nec2:1" "id-nec:1" by blast
2933
2934AOT_theorem "id-nec2:5": α  β  α  β
2935  using "id-nec2:3" "id-nec2:2" "→I" "→E" by metis
2936
2937AOT_theorem "sc-eq-box-box:1": (φ  φ)  (φ  φ)
2938  apply (rule "≡I"; rule "→I")
2939  using "KBasic:13" "5◇" "Hypothetical Syllogism" "vdash-properties:10" apply blast
2940  by (metis "KBasic2:1" "KBasic:1" "KBasic:2" "S5Basic:13" "≡E"(2) "raa-cor:5" "vdash-properties:6")
2941
2942AOT_theorem "sc-eq-box-box:2": ((φ  φ)  (φ  φ))  (φ  φ)
2943  by (metis "Act-Sub:3" "KBasic:13" "5◇" "∨E"(2) "deduction-theorem" "≡I" "nec-imp-act" "raa-cor:2" "vdash-properties:10")
2944
2945AOT_theorem "sc-eq-box-box:3": (φ  φ)  (¬φ  ¬φ)
2946proof (rule "→I"; rule "≡I"; rule "→I")
2947  AOT_assume (φ  φ)
2948  AOT_hence φ  φ using "sc-eq-box-box:1" "≡E" by blast
2949  moreover AOT_assume ¬φ
2950  ultimately AOT_have ¬φ
2951    using "modus-tollens:1" by blast
2952  AOT_thus ¬φ
2953    using "KBasic2:1" "≡E"(2) by blast
2954next
2955  AOT_assume (φ  φ)
2956  moreover AOT_assume ¬φ
2957  ultimately AOT_show ¬φ
2958    using "modus-tollens:1" "qml:2" "vdash-properties:10" "vdash-properties:1[2]" by blast
2959qed
2960
2961AOT_theorem "sc-eq-box-box:4": ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
2962proof(rule "→I"; rule "→I")
2963  AOT_assume θ: (φ  φ) & (ψ  ψ)
2964  AOT_assume ξ: φ  ψ
2965  AOT_hence (φ & ψ)  (¬φ & ¬ψ)
2966    using "≡E"(4) "oth-class-taut:4:g" "raa-cor:3" by blast
2967  moreover {
2968    AOT_assume φ & ψ
2969    AOT_hence (φ  ψ)
2970      using "KBasic:3" "KBasic:8" "≡E"(2) "vdash-properties:10" by blast
2971  }
2972  moreover {
2973    AOT_assume ¬φ & ¬ψ
2974    moreover AOT_have ¬φ  ¬φ and ¬ψ  ¬ψ
2975      using θ "Conjunction Simplification"(1) "Conjunction Simplification"(2) "sc-eq-box-box:3" "vdash-properties:10" by metis+
2976    ultimately AOT_have ¬φ & ¬ψ
2977      by (metis "&I" "Conjunction Simplification"(1) "Conjunction Simplification"(2) "≡E"(4) "modus-tollens:1" "raa-cor:3")
2978    AOT_hence (φ  ψ)
2979      using "KBasic:3" "KBasic:9" "≡E"(2) "vdash-properties:10" by blast
2980  }
2981  ultimately AOT_show (φ  ψ)
2982    using "∨E"(2) "reductio-aa:1" by blast
2983qed
2984
2985AOT_theorem "sc-eq-box-box:5": ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
2986proof (rule "→I")
2987  AOT_assume ((φ  φ) & (ψ  ψ))
2988  AOT_hence ((φ  φ) & (ψ  ψ))
2989    using 4[THEN "→E"] "&E" "&I" "KBasic:3" "≡E"(2) by metis
2990  moreover AOT_have ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
2991  proof (rule RM; rule "→I"; rule "→I")
2992    AOT_modally_strict {
2993      AOT_assume A: ((φ  φ) & (ψ  ψ))
2994      AOT_hence φ  φ and ψ  ψ
2995        using "&E" "qml:2"[axiom_inst] "→E" by blast+
2996      moreover AOT_assume φ  ψ
2997      ultimately AOT_have φ  ψ
2998        using "→E" "qml:2"[axiom_inst] "≡E" "≡I" by meson
2999      moreover AOT_have (φ  ψ)  (φ  ψ)
3000        using A "sc-eq-box-box:4" "→E" by blast
3001      ultimately AOT_show (φ  ψ) using "→E" by blast
3002    }
3003  qed
3004  ultimately AOT_show ((φ  ψ)  (φ  ψ)) using "→E" by blast
3005qed
3006
3007AOT_theorem "sc-eq-box-box:6": (φ  φ)  ((φ  ψ)  (φ  ψ))
3008proof (rule "→I"; rule "→I"; rule "raa-cor:1")
3009  AOT_assume ¬(φ  ψ)
3010  AOT_hence 1: ¬(φ  ψ) by (metis "KBasic:11" "≡E"(1))
3011  AOT_have (φ & ¬ψ)
3012    apply (AOT_subst «φ & ¬ψ» «¬(φ  ψ)»)
3013     apply (meson "Commutativity of ≡" "≡E"(1) "oth-class-taut:1:b")
3014    by (fact 1)
3015  AOT_hence φ and 2: ¬ψ using "KBasic2:3"[THEN "→E"] "&E" by blast+
3016  moreover AOT_assume (φ  φ)
3017  ultimately AOT_have φ by (metis "≡E"(1) "sc-eq-box-box:1" "→E")
3018  AOT_hence φ using "qml:2"[axiom_inst, THEN "→E"] by blast
3019  moreover AOT_assume φ  ψ
3020  ultimately AOT_have ψ using "→E" by blast
3021  moreover AOT_have ¬ψ using 2 "KBasic:12" "¬¬I" "intro-elim:3:d" by blast
3022  ultimately AOT_show ψ & ¬ψ using "&I" by blast
3023qed
3024
3025AOT_theorem "sc-eq-box-box:7": (φ  φ)  ((φ  𝒜ψ)  𝒜(φ  ψ))
3026proof (rule "→I"; rule "→I"; rule "raa-cor:1")
3027  AOT_assume ¬𝒜(φ  ψ)
3028  AOT_hence 1: 𝒜¬(φ  ψ) by (metis "Act-Basic:1" "∨E"(2))
3029  AOT_have 𝒜(φ & ¬ψ)
3030    apply (AOT_subst «φ & ¬ψ» «¬(φ  ψ)»)
3031     apply (meson "Commutativity of ≡" "≡E"(1) "oth-class-taut:1:b")
3032    by (fact 1)
3033  AOT_hence 𝒜φ and 2: 𝒜¬ψ using "Act-Basic:2"[THEN "≡E"(1)] "&E" by blast+
3034  AOT_hence φ by (metis "Act-Sub:3" "→E")
3035  moreover AOT_assume (φ  φ)
3036  ultimately AOT_have φ by (metis "≡E"(1) "sc-eq-box-box:1" "→E")
3037  AOT_hence φ using "qml:2"[axiom_inst, THEN "→E"] by blast
3038  moreover AOT_assume φ  𝒜ψ
3039  ultimately AOT_have 𝒜ψ using "→E" by blast
3040  moreover AOT_have ¬𝒜ψ using 2 by (meson "Act-Sub:1" "≡E"(4) "raa-cor:3")
3041  ultimately AOT_show 𝒜ψ & ¬𝒜ψ using "&I" by blast
3042qed
3043
3044AOT_theorem "sc-eq-fur:1": 𝒜φ  𝒜φ
3045  using "Act-Basic:6" "Act-Sub:4" "≡E"(6) by blast
3046
3047AOT_theorem "sc-eq-fur:2": (φ  φ)  (𝒜φ  φ)
3048  by (metis "B◇" "Act-Sub:3" "KBasic:13" "T◇" "Hypothetical Syllogism" "deduction-theorem" "≡I" "nec-imp-act")
3049
3050AOT_theorem "sc-eq-fur:3": x (φ{x}  φ{x})  (∃!x φ{x}  ιx φ{x})
3051proof (rule "→I"; rule "→I")
3052  AOT_assume x (φ{x}  φ{x})
3053  AOT_hence A: x (φ{x}  φ{x}) using CBF "→E" by blast
3054  AOT_assume ∃!x φ{x}
3055  then AOT_obtain a where a_def: φ{a} & y (φ{y}  y = a)
3056    using "∃E"[rotated 1, OF "uniqueness:1"[THEN "≡dfE"]] by blast
3057  moreover AOT_have φ{a} using calculation A "∀E"(2) "qml:2"[axiom_inst] "→E" "&E"(1) by blast
3058  AOT_hence 𝒜φ{a} using "nec-imp-act" "vdash-properties:6" by blast
3059  moreover AOT_have y (𝒜φ{y}  y = a)
3060  proof (rule "∀I"; rule "→I")
3061    fix b
3062    AOT_assume 𝒜φ{b}
3063    AOT_hence φ{b}
3064      using "Act-Sub:3" "vdash-properties:6" by blast
3065    moreover {
3066      AOT_have (φ{b}  φ{b})
3067        using A "∀E"(2) by blast
3068      AOT_hence φ{b}  φ{b}
3069        using "KBasic:13" "5◇" "Hypothetical Syllogism" "vdash-properties:6" by blast
3070    }
3071    ultimately AOT_have φ{b} using "→E" by blast
3072    AOT_hence φ{b} using "qml:2"[axiom_inst] "→E" by blast
3073    AOT_thus b = a
3074      using a_def[THEN "&E"(2)] "∀E"(2) "→E" by blast
3075  qed
3076  ultimately AOT_have 𝒜φ{a} & y (𝒜φ{y}  y = a)
3077    using "&I" by blast
3078  AOT_hence x (𝒜φ{x} & y (𝒜φ{y}  y = x)) using "∃I" by fast
3079  AOT_hence ∃!x 𝒜φ{x} using "uniqueness:1"[THEN "≡dfI"] by fast
3080  AOT_thus ιx φ{x}
3081    using "actual-desc:1"[THEN "≡E"(2)] by blast
3082qed
3083
3084AOT_theorem "sc-eq-fur:4": x (φ{x}  φ{x})  (x = ιx φ{x}  (φ{x} & z (φ{z}  z = x)))
3085proof (rule "→I")
3086  AOT_assume x (φ{x}  φ{x})
3087  AOT_hence x (φ{x}  φ{x}) using CBF "→E" by blast
3088  AOT_hence A: 𝒜φ{α}  φ{α} for α using "sc-eq-fur:2" "∀E" "→E" by fast
3089  AOT_show x = ιx φ{x}  (φ{x} & z (φ{z}  z = x))
3090  proof (rule "≡I"; rule "→I")
3091    AOT_assume x = ιx φ{x}
3092    AOT_hence B: 𝒜φ{x} & z (𝒜φ{z}  z = x)
3093      using "nec-hintikka-scheme"[THEN "≡E"(1)] by blast
3094    AOT_show φ{x} & z (φ{z}  z = x)
3095    proof (rule "&I"; (rule "∀I"; rule "→I")?)
3096      AOT_show φ{x} using A B[THEN "&E"(1)] "≡E"(1) by blast
3097    next
3098      AOT_show z = x if φ{z} for z
3099        using that B[THEN "&E"(2)] "∀E"(2) "→E" A[THEN "≡E"(2)] by blast
3100    qed
3101  next
3102    AOT_assume B: φ{x} & z (φ{z}  z = x)
3103    AOT_have 𝒜φ{x} & z (𝒜φ{z}  z = x)
3104    proof(rule "&I"; (rule "∀I"; rule "→I")?)
3105      AOT_show 𝒜φ{x} using B[THEN "&E"(1)] A[THEN "≡E"(2)] by blast
3106    next
3107      AOT_show b = x if 𝒜φ{b} for b
3108        using that A[THEN "≡E"(1)] B[THEN "&E"(2), THEN "∀E"(2), THEN "→E"] by blast
3109    qed
3110    AOT_thus x = ιx φ{x}
3111      using "nec-hintikka-scheme"[THEN "≡E"(2)] by blast
3112  qed
3113qed
3114
3115AOT_theorem "id-act:1": α = β  𝒜α = β
3116  by (meson "Act-Sub:3" "Hypothetical Syllogism" "id-nec2:1" "id-nec:2" "≡I" "nec-imp-act")
3117
3118AOT_theorem "id-act:2": α  β  𝒜α  β
3119proof (AOT_subst "«α  β»" "«¬(α = β)»")
3120  AOT_modally_strict {
3121    AOT_show α  β  ¬(α = β)
3122      by (simp add: "=-infix" "≡Df")
3123  }
3124next
3125  AOT_show ¬(α = β)  𝒜¬(α = β)
3126  proof (safe intro!: "≡I" "→I")
3127    AOT_assume ¬α = β
3128    AOT_hence ¬𝒜α = β using "id-act:1" "≡E"(3) by blast
3129    AOT_thus 𝒜¬α = β
3130      using "¬¬E" "Act-Sub:1" "≡E"(3) by blast
3131  next
3132    AOT_assume 𝒜¬α = β
3133    AOT_hence ¬𝒜α = β
3134      using "¬¬I" "Act-Sub:1" "≡E"(4) by blast
3135    AOT_thus ¬α = β
3136      using "id-act:1" "≡E"(4) by blast
3137  qed
3138qed
3139
3140AOT_theorem "A-Exists:1": 𝒜∃!α φ{α}  ∃!α 𝒜φ{α}
3141proof -
3142  AOT_have 𝒜∃!α φ{α}  𝒜αβ (φ{β}  β = α)
3143    by (AOT_subst_using subst: "uniqueness:2")
3144       (simp add: "oth-class-taut:3:a")
3145  also AOT_have   α 𝒜β (φ{β}  β = α)
3146    by (simp add: "Act-Basic:10")
3147  also AOT_have   αβ 𝒜(φ{β}  β = α)
3148    by (AOT_subst "λ τ . «𝒜β (φ{β}  β = τ)»" "λ τ . «β 𝒜(φ{β}  β = τ)»")
3149       (auto simp: "logic-actual-nec:3" "vdash-properties:1[2]" "oth-class-taut:3:a")
3150  also AOT_have   αβ (𝒜φ{β}  𝒜β = α)
3151    by (AOT_subst_rev "λ τ τ' . «𝒜(φ{τ'}  τ' = τ)»" "λ τ τ'. «𝒜φ{τ'}  𝒜τ' = τ»")
3152       (auto simp: "Act-Basic:5" "cqt-further:7")
3153  also AOT_have   αβ (𝒜φ{β}  β = α)
3154    apply (AOT_subst "λ τ τ' :: 'a . «𝒜τ' = τ»" "λ τ τ'. «τ' = τ»")
3155     apply (meson "id-act:1" "≡E"(6) "oth-class-taut:3:a")
3156    by (simp add: "cqt-further:7")
3157  also AOT_have ...  ∃!α 𝒜φ{α}
3158    using "uniqueness:2" "Commutativity of ≡"[THEN "≡E"(1)] by fast
3159  finally show ?thesis .
3160qed
3161
3162AOT_theorem "A-Exists:2": ιx φ{x}  𝒜∃!x φ{x}
3163  by (AOT_subst_using subst: "A-Exists:1")
3164     (simp add: "actual-desc:1")
3165
3166AOT_theorem "id-act-desc:1": ιx (x = y)
3167proof(rule "existence:1"[THEN "≡dfI"]; rule "∃I")
3168  AOT_show x E!x  E!x]ιx (x = y)
3169  proof (rule "russell-axiom[exe,1].nec-russell-axiom"[THEN "≡E"(2)]; rule "∃I"; (rule "&I")+)
3170    AOT_show 𝒜y = y by (simp add: "RA[2]" "id-eq:1")
3171  next
3172    AOT_show z (𝒜z = y  z = y)
3173      apply (rule "∀I")
3174      using "id-act:1"[THEN "≡E"(2)] "→I" by blast
3175  next
3176    AOT_show x E!x  E!x]y
3177    proof (rule "lambda-predicates:2"[axiom_inst, THEN "→E", THEN "≡E"(2)])
3178      AOT_show x E!x  E!x]
3179        by "cqt:2[lambda]"
3180    next
3181      AOT_show E!y  E!y 
3182        by (simp add: "if-p-then-p")
3183    qed
3184  qed
3185next
3186  AOT_show x E!x  E!x]
3187    by "cqt:2[lambda]"
3188qed
3189
3190AOT_theorem "id-act-desc:2": y = ιx (x = y)
3191  by (rule descriptions[axiom_inst, THEN "≡E"(2)]; rule "∀I"; rule "id-act:1"[symmetric])
3192
3193AOT_theorem "pre-en-eq:1[1]": x1[F]  x1[F]
3194  by (simp add: encoding "vdash-properties:1[2]")
3195
3196AOT_theorem "pre-en-eq:1[2]": x1x2[F]  x1x2[F]
3197proof (rule "→I")
3198  AOT_assume x1x2[F]
3199  AOT_hence x1y [F]yx2] and x2y [F]x1y]
3200    using "nary-encoding[2]"[axiom_inst, THEN "≡E"(1)] "&E" by blast+
3201  moreover AOT_have y [F]yx2] by "cqt:2[lambda]"
3202  moreover AOT_have y [F]x1y] by "cqt:2[lambda]"
3203  ultimately AOT_have x1y [F]yx2] and x2y [F]x1y]
3204    using encoding[axiom_inst, unvarify F] "→E" "&I" by blast+
3205  note A = this
3206  AOT_hence (x1y [F]yx2] & x2y [F]x1y])
3207    using "KBasic:3"[THEN "≡E"(2)] "&I" by blast
3208  AOT_thus x1x2[F]
3209    by (rule "nary-encoding[2]"[axiom_inst, THEN RN, THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3210qed
3211
3212AOT_theorem "pre-en-eq:1[3]": x1x2x3[F]  x1x2x3[F]
3213proof (rule "→I")
3214  AOT_assume x1x2x3[F]
3215  AOT_hence x1y [F]yx2x3] and x2y [F]x1yx3] and x3y [F]x1x2y]
3216    using "nary-encoding[3]"[axiom_inst, THEN "≡E"(1)] "&E" by blast+
3217  moreover AOT_have y [F]yx2x3] by "cqt:2[lambda]"
3218  moreover AOT_have y [F]x1yx3] by "cqt:2[lambda]"
3219  moreover AOT_have y [F]x1x2y] by "cqt:2[lambda]"
3220  ultimately AOT_have x1y [F]yx2x3] and x2y [F]x1yx3] and x3y [F]x1x2y]
3221    using encoding[axiom_inst, unvarify F] "→E" by blast+
3222  note A = this
3223  AOT_have B: (x1y [F]yx2x3] & x2y [F]x1yx3] & x3y [F]x1x2y])
3224    by (rule "KBasic:3"[THEN "≡E"(2)] "&I" A)+
3225  AOT_thus x1x2x3[F]
3226    by (rule "nary-encoding[3]"[axiom_inst, THEN RN, THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3227qed
3228
3229AOT_theorem "pre-en-eq:1[4]": x1x2x3x4[F]  x1x2x3x4[F]
3230proof (rule "→I")
3231  AOT_assume x1x2x3x4[F]
3232  AOT_hence x1y [F]yx2x3x4] and x2y [F]x1yx3x4] and x3y [F]x1x2yx4] and  x4y [F]x1x2x3y]
3233    using "nary-encoding[4]"[axiom_inst, THEN "≡E"(1)] "&E" by metis+
3234  moreover AOT_have y [F]yx2x3x4] by "cqt:2[lambda]"
3235  moreover AOT_have y [F]x1yx3x4] by "cqt:2[lambda]"
3236  moreover AOT_have y [F]x1x2yx4] by "cqt:2[lambda]"
3237  moreover AOT_have y [F]x1x2x3y] by "cqt:2[lambda]"
3238  ultimately AOT_have x1y [F]yx2x3x4] and x2y [F]x1yx3x4] and x3y [F]x1x2yx4] and x4y [F]x1x2x3y]
3239    using "→E" encoding[axiom_inst, unvarify F] by blast+
3240  note A = this
3241  AOT_have B: (x1y [F]yx2x3x4] & x2y [F]x1yx3x4] & x3y [F]x1x2yx4] & x4y [F]x1x2x3y])
3242    by (rule "KBasic:3"[THEN "≡E"(2)] "&I" A)+
3243  AOT_thus x1x2x3x4[F]
3244    by (rule "nary-encoding[4]"[axiom_inst, THEN RN, THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3245qed
3246
3247AOT_theorem "pre-en-eq:2[1]": ¬x1[F]  ¬x1[F]
3248proof (rule "→I"; rule "raa-cor:1")
3249  AOT_assume ¬¬x1[F]
3250  AOT_hence x1[F]
3251    by (rule "conventions:5"[THEN "≡dfI"])
3252  AOT_hence x1[F]
3253    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[1]"[THEN RN], THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3254  moreover AOT_assume ¬x1[F]
3255  ultimately AOT_show x1[F] & ¬x1[F] by (rule "&I")
3256qed
3257AOT_theorem "pre-en-eq:2[2]": ¬x1x2[F]  ¬x1x2[F]
3258proof (rule "→I"; rule "raa-cor:1")
3259  AOT_assume ¬¬x1x2[F]
3260  AOT_hence x1x2[F]
3261    by (rule "conventions:5"[THEN "≡dfI"])
3262  AOT_hence x1x2[F]
3263    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[2]"[THEN RN], THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3264  moreover AOT_assume ¬x1x2[F]
3265  ultimately AOT_show x1x2[F] & ¬x1x2[F] by (rule "&I")
3266qed
3267
3268AOT_theorem "pre-en-eq:2[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
3269proof (rule "→I"; rule "raa-cor:1")
3270  AOT_assume ¬¬x1x2x3[F]
3271  AOT_hence x1x2x3[F]
3272    by (rule "conventions:5"[THEN "≡dfI"])
3273  AOT_hence x1x2x3[F]
3274    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[3]"[THEN RN], THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3275  moreover AOT_assume ¬x1x2x3[F]
3276  ultimately AOT_show x1x2x3[F] & ¬x1x2x3[F] by (rule "&I")
3277qed
3278
3279AOT_theorem "pre-en-eq:2[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
3280proof (rule "→I"; rule "raa-cor:1")
3281  AOT_assume ¬¬x1x2x3x4[F]
3282  AOT_hence x1x2x3x4[F]
3283    by (rule "conventions:5"[THEN "≡dfI"])
3284  AOT_hence x1x2x3x4[F]
3285    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[4]"[THEN RN], THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3286  moreover AOT_assume ¬x1x2x3x4[F]
3287  ultimately AOT_show x1x2x3x4[F] & ¬x1x2x3x4[F] by (rule "&I")
3288qed
3289
3290AOT_theorem "en-eq:1[1]": x1[F]  x1[F]
3291  using "pre-en-eq:1[1]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by metis
3292AOT_theorem "en-eq:1[2]": x1x2[F]  x1x2[F]
3293  using "pre-en-eq:1[2]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by metis
3294AOT_theorem "en-eq:1[3]": x1x2x3[F]  x1x2x3[F]
3295  using "pre-en-eq:1[3]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by fast
3296AOT_theorem "en-eq:1[4]": x1x2x3x4[F]  x1x2x3x4[F]
3297  using "pre-en-eq:1[4]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by fast
3298
3299AOT_theorem "en-eq:2[1]": x1[F]  x1[F]
3300  by (simp add: "≡I" "pre-en-eq:1[1]" "qml:2"[axiom_inst])
3301AOT_theorem "en-eq:2[2]": x1x2[F]  x1x2[F]
3302  by (simp add: "≡I" "pre-en-eq:1[2]" "qml:2"[axiom_inst])
3303AOT_theorem "en-eq:2[3]": x1x2x3[F]  x1x2x3[F]
3304  by (simp add: "≡I" "pre-en-eq:1[3]" "qml:2"[axiom_inst])
3305AOT_theorem "en-eq:2[4]": x1x2x3x4[F]  x1x2x3x4[F]
3306  by (simp add: "≡I" "pre-en-eq:1[4]" "qml:2"[axiom_inst])
3307
3308AOT_theorem "en-eq:3[1]": x1[F]  x1[F]
3309  using "T◇" "derived-S5-rules:2"[where Γ="{}", OF "pre-en-eq:1[1]"] "≡I" by blast
3310AOT_theorem "en-eq:3[2]": x1x2[F]  x1x2[F]
3311  using "T◇" "derived-S5-rules:2"[where Γ="{}", OF "pre-en-eq:1[2]"] "≡I" by blast
3312AOT_theorem "en-eq:3[3]": x1x2x3[F]  x1x2x3[F]
3313  using "T◇" "derived-S5-rules:2"[where Γ="{}", OF "pre-en-eq:1[3]"] "≡I" by blast
3314AOT_theorem "en-eq:3[4]": x1x2x3x4[F]  x1x2x3x4[F]
3315  using "T◇" "derived-S5-rules:2"[where Γ="{}", OF "pre-en-eq:1[4]"] "≡I" by blast
3316
3317AOT_theorem "en-eq:4[1]": (x1[F]  y1[G])  (x1[F]  y1[G])
3318  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
3319  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[1]" by blast+
3320AOT_theorem "en-eq:4[2]": (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
3321  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
3322  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[2]" by blast+
3323AOT_theorem "en-eq:4[3]": (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
3324  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
3325  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[3]" by blast+
3326AOT_theorem "en-eq:4[4]": (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
3327  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
3328  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[4]" by blast+
3329
3330AOT_theorem "en-eq:5[1]": (x1[F]  y1[G])  (x1[F]  y1[G])
3331  apply (rule "≡I"; rule "→I")
3332  using "en-eq:4[1]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"] apply blast
3333  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
3334        "&I"[OF "pre-en-eq:1[1]"[THEN RN], OF "pre-en-eq:1[1]"[THEN RN]] by blast
3335AOT_theorem "en-eq:5[2]": (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
3336  apply (rule "≡I"; rule "→I")
3337  using "en-eq:4[2]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"] apply blast
3338  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
3339        "&I"[OF "pre-en-eq:1[2]"[THEN RN], OF "pre-en-eq:1[2]"[THEN RN]] by blast
3340AOT_theorem "en-eq:5[3]": (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
3341  apply (rule "≡I"; rule "→I")
3342  using "en-eq:4[3]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"] apply blast
3343  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
3344        "&I"[OF "pre-en-eq:1[3]"[THEN RN], OF "pre-en-eq:1[3]"[THEN RN]] by blast
3345AOT_theorem "en-eq:5[4]": (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
3346  apply (rule "≡I"; rule "→I")
3347  using "en-eq:4[4]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"] apply blast
3348  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
3349        "&I"[OF "pre-en-eq:1[4]"[THEN RN], OF "pre-en-eq:1[4]"[THEN RN]] by blast
3350
3351AOT_theorem "en-eq:6[1]": (x1[F]  y1[G])  (x1[F]  y1[G])
3352  using "en-eq:5[1]"[symmetric] "en-eq:4[1]" "≡E"(5) by fast
3353AOT_theorem "en-eq:6[2]": (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
3354  using "en-eq:5[2]"[symmetric] "en-eq:4[2]" "≡E"(5) by fast
3355AOT_theorem "en-eq:6[3]": (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
3356  using "en-eq:5[3]"[symmetric] "en-eq:4[3]" "≡E"(5) by fast
3357AOT_theorem "en-eq:6[4]": (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
3358  using "en-eq:5[4]"[symmetric] "en-eq:4[4]" "≡E"(5) by fast
3359
3360AOT_theorem "en-eq:7[1]": ¬x1[F]  ¬x1[F]
3361  using "pre-en-eq:2[1]" "qml:2"[axiom_inst] "≡I" by blast
3362AOT_theorem "en-eq:7[2]": ¬x1x2[F]  ¬x1x2[F]
3363  using "pre-en-eq:2[2]" "qml:2"[axiom_inst] "≡I" by blast
3364AOT_theorem "en-eq:7[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
3365  using "pre-en-eq:2[3]" "qml:2"[axiom_inst] "≡I" by blast
3366AOT_theorem "en-eq:7[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
3367  using "pre-en-eq:2[4]" "qml:2"[axiom_inst] "≡I" by blast
3368
3369AOT_theorem "en-eq:8[1]": ¬x1[F]  ¬x1[F]
3370  using "en-eq:2[1]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "KBasic:11" "≡E"(5)[symmetric] by blast
3371AOT_theorem "en-eq:8[2]": ¬x1x2[F]  ¬x1x2[F]
3372  using "en-eq:2[2]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "KBasic:11" "≡E"(5)[symmetric] by blast
3373AOT_theorem "en-eq:8[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
3374  using "en-eq:2[3]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "KBasic:11" "≡E"(5)[symmetric] by blast
3375AOT_theorem "en-eq:8[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
3376  using "en-eq:2[4]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "KBasic:11" "≡E"(5)[symmetric] by blast
3377
3378AOT_theorem "en-eq:9[1]": ¬x1[F]  ¬x1[F]
3379  using "en-eq:7[1]" "en-eq:8[1]" "≡E"(5) by blast
3380AOT_theorem "en-eq:9[2]": ¬x1x2[F]  ¬x1x2[F]
3381  using "en-eq:7[2]" "en-eq:8[2]" "≡E"(5) by blast
3382AOT_theorem "en-eq:9[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
3383  using "en-eq:7[3]" "en-eq:8[3]" "≡E"(5) by blast
3384AOT_theorem "en-eq:9[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
3385  using "en-eq:7[4]" "en-eq:8[4]" "≡E"(5) by blast
3386
3387AOT_theorem "en-eq:10[1]": 𝒜x1[F]  x1[F]
3388  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1) "nec-imp-act" "en-eq:3[1]" "pre-en-eq:1[1]")
3389AOT_theorem "en-eq:10[2]": 𝒜x1x2[F]  x1x2[F]
3390  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1) "nec-imp-act" "en-eq:3[2]" "pre-en-eq:1[2]")
3391AOT_theorem "en-eq:10[3]": 𝒜x1x2x3[F]  x1x2x3[F]
3392  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1) "nec-imp-act" "en-eq:3[3]" "pre-en-eq:1[3]")
3393AOT_theorem "en-eq:10[4]": 𝒜x1x2x3x4[F]  x1x2x3x4[F]
3394  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1) "nec-imp-act" "en-eq:3[4]" "pre-en-eq:1[4]")
3395
3396AOT_theorem "oa-facts:1": O!x  O!x
3397proof(rule "→I")
3398  AOT_modally_strict {
3399    AOT_have x E!x]x  E!x
3400      by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2[lambda]"
3401  } note θ = this
3402  AOT_assume O!x
3403  AOT_hence x E!x]x
3404    by (rule "=dfE"(2)[OF AOT_ordinary, rotated 1]) "cqt:2[lambda]"
3405  AOT_hence E!x using θ[THEN "≡E"(1)] by blast
3406  AOT_hence 0: E!x using "qml:3"[axiom_inst, THEN "→E"] by blast
3407  AOT_have x E!x]x
3408    by (AOT_subst_using subst: θ) (simp add: 0)
3409  AOT_thus O!x
3410    by (rule "=dfI"(2)[OF AOT_ordinary, rotated 1]) "cqt:2[lambda]"
3411qed
3412
3413AOT_theorem "oa-facts:2": A!x  A!x
3414proof(rule "→I")
3415  AOT_modally_strict {
3416    AOT_have x ¬E!x]x  ¬E!x
3417      by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2[lambda]"
3418  } note θ = this
3419  AOT_assume A!x
3420  AOT_hence x ¬E!x]x
3421    by (rule "=dfE"(2)[OF AOT_abstract, rotated 1]) "cqt:2[lambda]"
3422  AOT_hence ¬E!x using θ[THEN "≡E"(1)] by blast
3423  AOT_hence ¬E!x using "KBasic2:1"[THEN "≡E"(2)] by blast
3424  AOT_hence 0: ¬E!x using "4"[THEN "→E"] by blast
3425  AOT_have 1: ¬E!x
3426    apply (AOT_subst "«¬E!x»" "«¬E!x»")
3427    using "KBasic2:1"[symmetric] apply blast
3428    using 0 by blast
3429  AOT_have x ¬E!x]x
3430    by (AOT_subst_using subst: θ) (simp add: 1)
3431  AOT_thus A!x
3432    by (rule "=dfI"(2)[OF AOT_abstract, rotated 1]) "cqt:2[lambda]"
3433qed
3434
3435AOT_theorem "oa-facts:3": O!x  O!x
3436  using "oa-facts:1" "B◇" "RM◇" "Hypothetical Syllogism" by blast
3437AOT_theorem "oa-facts:4": A!x  A!x
3438  using "oa-facts:2" "B◇" "RM◇" "Hypothetical Syllogism" by blast
3439
3440AOT_theorem "oa-facts:5": O!x  O!x
3441  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act" "oa-facts:1" "oa-facts:3")
3442
3443AOT_theorem "oa-facts:6": A!x  A!x
3444  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act" "oa-facts:2" "oa-facts:4")
3445
3446AOT_theorem "oa-facts:7": O!x  𝒜O!x
3447  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act" "oa-facts:1" "oa-facts:3")
3448
3449AOT_theorem "oa-facts:8": A!x  𝒜A!x
3450  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act" "oa-facts:2" "oa-facts:4")
3451
3452AOT_theorem "beta-C-meta": μ1...μn φ{μ1...μn, ν1...νn}]  (μ1...μn φ{μ1...μn, ν1...νn}]ν1...νn  φ{ν1...νn, ν1...νn})
3453  using "lambda-predicates:2"[axiom_inst] by blast
3454
3455AOT_theorem "beta-C-cor:1": (ν1...∀νn(μ1...μn φ{μ1...μn, ν1...νn}]))  ν1...∀νn (μ1...μn φ{μ1...μn, ν1...νn}]ν1...νn  φ{ν1...νn, ν1...νn})
3456  apply (rule "cqt-basic:14"[where 'a='a, THEN "→E"])
3457  using "beta-C-meta" "∀I" by fast
3458
3459AOT_theorem "beta-C-cor:2": μ1...μn φ{μ1...μn}]  ν1...∀νn (μ1...μn φ{μ1...μn}]ν1...νn  φ{ν1...νn})
3460  apply (rule "→I"; rule "∀I")
3461  using "beta-C-meta"[THEN "→E"] by fast
3462
3463(* TODO: syntax + double-check if this is really a faithful representation *)
3464theorem "beta-C-cor:3": assumes ν1νn. AOT_instance_of_cqt_2 (φ (AOT_term_of_var ν1νn))
3465  shows [v  ν1...∀νn (μ1...μn φ{ν1...νn,μ1...μn}]ν1...νn  φ{ν1...νn,ν1...νn})]
3466  using "cqt:2[lambda]"[axiom_inst, OF assms] "beta-C-cor:1"[THEN "→E"] "∀I" by fast
3467
3468AOT_theorem "betaC:1:a": μ1...μn φ{μ1...μn}]κ1...κn  φ{κ1...κn}
3469proof -
3470  AOT_modally_strict {
3471    AOT_assume μ1...μn φ{μ1...μn}]κ1...κn
3472    moreover AOT_have μ1...μn φ{μ1...μn}] and κ1...κn
3473      using calculation "cqt:5:a"[axiom_inst, THEN "→E"] "&E" by blast+
3474    ultimately AOT_show φ{κ1...κn}
3475      using "beta-C-cor:2"[THEN "→E", THEN "∀E"(1), THEN "≡E"(1)] by blast
3476  }
3477qed
3478
3479AOT_theorem "betaC:1:b": ¬φ{κ1...κn}  ¬μ1...μn φ{μ1...μn}]κ1...κn
3480  using "betaC:1:a" "raa-cor:3" by blast
3481
3482lemmas "β→C" = "betaC:1:a" "betaC:1:b"
3483
3484AOT_theorem "betaC:2:a": μ1...μn φ{μ1...μn}], κ1...κn, φ{κ1...κn}  μ1...μn φ{μ1...μn}]κ1...κn
3485proof -
3486  AOT_modally_strict {
3487    AOT_assume 1: μ1...μn φ{μ1...μn}] and 2: κ1...κn and 3: φ{κ1...κn}
3488    AOT_hence μ1...μn φ{μ1...μn}]κ1...κn
3489      using "beta-C-cor:2"[THEN "→E", OF 1, THEN "∀E"(1), THEN "≡E"(2)] by blast
3490  }
3491  AOT_thus μ1...μn φ{μ1...μn}], κ1...κn, φ{κ1...κn}  μ1...μn φ{μ1...μn}]κ1...κn
3492    by blast
3493qed
3494
3495AOT_theorem "betaC:2:b": μ1...μn φ{μ1...μn}], κ1...κn, ¬μ1...μn φ{μ1...μn}]κ1...κn  ¬φ{κ1...κn}
3496  using "betaC:2:a" "raa-cor:3" by blast
3497
3498lemmas "β←C" = "betaC:2:a" "betaC:2:b"
3499
3500AOT_theorem "eta-conversion-lemma1:1": Π  x1...xn [Π]x1...xn] = Π
3501  using "lambda-predicates:3"[axiom_inst] "∀I" "∀E"(1) "→I" by fast
3502
3503AOT_theorem "eta-conversion-lemma1:2": Π  ν1...νn [Π]ν1...νn] = Π
3504  using "eta-conversion-lemma1:1". (* TODO: spurious in the embedding *)
3505
3506(* match (τ) in "λa . ?b" ⇒ ‹match (τ') in "λa . ?b" ⇒ ‹fail›› ¦ _ ⇒ ‹ *)
3507
3508text‹Note: not explicitly part of PLM.›
3509AOT_theorem id_sym: assumes τ = τ' shows τ' = τ
3510  using "rule=E"[where φ="λ τ' . «τ' = τ»", rotated 1, OF assms]
3511        "=I"(1)[OF "t=t-proper:1"[THEN "→E", OF assms]] by auto
3512declare id_sym[sym]
3513
3514text‹Note: not explicitly part of PLM.›
3515AOT_theorem id_trans: assumes τ = τ' and τ' = τ'' shows τ = τ''
3516  using "rule=E" assms by blast
3517declare id_trans[trans]
3518
3519method "ηC" for Π :: <'a::{AOT_Term_id_2,AOT_κs}> = (match conclusion in "[v  τ{Π} = τ'{Π}]" for v τ τ'  3520rule "rule=E"[rotated 1, OF "eta-conversion-lemma1:2"[THEN "→E", of v "«[Π]»", symmetric]]
3521)
3522(*
3523AOT_theorem ‹[λy [λz [P]z]y → [λu [S]u]y] = [λy [P]y → [S]y]›
3524  apply ("ηC" "«[P]»") defer
3525   apply ("ηC" "«[S]»") defer
3526  oops
3527*)
3528(* TODO: proper representation of eta_conversion_lemma2 *)
3529
3530AOT_theorem "sub-des-lam:1": z1...zn  χ{z1...zn, ιx φ{x}}] & ιx φ{x} = ιx ψ{x}  z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, ιx ψ{x}}]
3531proof(rule "→I")
3532  AOT_assume A: z1...zn  χ{z1...zn, ιx φ{x}}] & ιx φ{x} = ιx ψ{x}
3533  AOT_show z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, ιx ψ{x}}]
3534    using "rule=E"[where φ="λ τ . «z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, τ}]»",
3535               OF "=I"(1)[OF A[THEN "&E"(1)]], OF A[THEN "&E"(2)]]
3536    by blast
3537qed
3538
3539AOT_theorem "sub-des-lam:2": ιx φ{x} = ιx ψ{x}  χ{ιx φ{x}} = χ{ιx ψ{x}} for χ :: ‹κ  𝗈›
3540  using "rule=E"[where φ="λ τ . «χ{ιx φ{x}} = χ{τ}»", OF "=I"(1)[OF "log-prop-prop:2"]] "→I" by blast
3541
3542AOT_theorem "prop-equiv": F = G  x (x[F]  x[G])
3543proof(rule "≡I"; rule "→I")
3544  AOT_assume F = G
3545  AOT_thus x (x[F]  x[G])
3546    by (rule "rule=E"[rotated]) (fact "oth-class-taut:3:a"[THEN GEN])
3547next
3548  AOT_assume x (x[F]  x[G])
3549  AOT_hence x[F]  x[G] for x using "∀E" by blast
3550  AOT_hence (x[F]  x[G]) for x using "en-eq:6[1]"[THEN "≡E"(1)] by blast
3551  AOT_hence x (x[F]  x[G]) by (rule GEN)
3552  AOT_hence x (x[F]  x[G]) using BF[THEN "→E"] by fast
3553  AOT_thus "F = G" using "p-identity-thm2:1"[THEN "≡E"(2)] by blast
3554qed
3555
3556AOT_theorem "relations:1":
3557  assumes INSTANCE_OF_CQT_2(φ)
3558  shows F x1...∀xn ([F]x1...xn  φ{x1...xn})
3559  apply (rule "∃I"(1)[where τ="«x1...xn φ{x1...xn}]»"])
3560  using "cqt:2[lambda]"[OF assms, axiom_inst] "beta-C-cor:2"[THEN "→E", THEN RN] by blast+
3561
3562AOT_theorem "relations:2":
3563  assumes INSTANCE_OF_CQT_2(φ)
3564  shows F x ([F]x  φ{x})
3565  using "relations:1" assms by blast
3566
3567AOT_theorem "block-paradox:1": ¬x G (x[G] & ¬[G]x)]
3568proof(rule RAA(2))
3569  let ="λ τ. «G (τ[G] & ¬[G]τ)»"
3570  AOT_assume A: x « x»]
3571  AOT_have x (A!x & F (x[F]  F = x « x»]))
3572    using "A-objects"[axiom_inst] by fast
3573  then AOT_obtain a where ξ: A!a & F (a[F]  F = x « x»])
3574    using "∃E"[rotated] by blast
3575  AOT_show ¬x G (x[G] & ¬[G]x)]
3576  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
3577    AOT_assume B: x « x»]a
3578    AOT_hence G (a[G] & ¬[G]a) using "β→C" A by blast
3579    then AOT_obtain P where a[P] & ¬[P]a using "∃E"[rotated] by blast
3580    moreover AOT_have P = x « x»]
3581      using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1)] calculation[THEN "&E"(1)] by blast
3582    ultimately AOT_have ¬x « x»]a
3583      using "rule=E" "&E"(2) by fast
3584    AOT_thus ¬x G (x[G] & ¬[G]x)] using B RAA by blast
3585  next
3586    AOT_assume B: ¬x « x»]a
3587    AOT_hence ¬G (a[G] & ¬[G]a) using "β←C" "cqt:2[const_var]"[of a, axiom_inst] A by blast
3588    AOT_hence C: G ¬(a[G] & ¬[G]a) using "cqt-further:4"[THEN "→E"] by blast
3589    AOT_have G (a[G]  [G]a)
3590      by (AOT_subst "λ Π . «a[Π]  [Π]a»" "λ Π . «¬(a[Π] & ¬[Π]a)»")
3591         (auto simp: "oth-class-taut:1:a" C)
3592    AOT_hence ax « x»]  x « x»]a using "∀E" A by blast
3593    moreover AOT_have ax « x»] using ξ[THEN "&E"(2), THEN "∀E"(1), OF A, THEN "≡E"(2)]
3594      using "=I"(1)[OF A] by blast
3595    ultimately AOT_show ¬x G (x[G] & ¬[G]x)] using B "→E" RAA by blast
3596  qed
3597qed(simp)
3598
3599AOT_theorem "block-paradox:2": ¬F x([F]x  G(x[G] & ¬[G]x))
3600proof(rule RAA(2))
3601  AOT_assume F x ([F]x  G (x[G] & ¬[G]x))
3602  then AOT_obtain F where F_prop: x ([F]x  G (x[G] & ¬[G]x)) using "∃E"[rotated] by blast
3603  AOT_have x (A!x & G (x[G]  G = F))
3604    using "A-objects"[axiom_inst] by fast
3605  then AOT_obtain a where ξ: A!a & G (a[G]  G = F)
3606    using "∃E"[rotated] by blast
3607  AOT_show ¬F x([F]x  G(x[G] & ¬[G]x))
3608  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
3609    AOT_assume B: [F]a
3610    AOT_hence G (a[G] & ¬[G]a) using F_prop[THEN "∀E"(2), THEN "≡E"(1)] by blast
3611    then AOT_obtain P where a[P] & ¬[P]a using "∃E"[rotated] by blast
3612    moreover AOT_have P = F
3613      using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1)] calculation[THEN "&E"(1)] by blast
3614    ultimately AOT_have ¬[F]a
3615      using "rule=E" "&E"(2) by fast
3616    AOT_thus ¬F x([F]x  G(x[G] & ¬[G]x)) using B RAA by blast
3617  next
3618    AOT_assume B: ¬[F]a
3619    AOT_hence ¬G (a[G] & ¬[G]a)
3620      using "oth-class-taut:4:b"[THEN "≡E"(1), OF F_prop[THEN "∀E"(2)[of _ _ a]], THEN "≡E"(1)] by simp
3621    AOT_hence C: G ¬(a[G] & ¬[G]a) using "cqt-further:4"[THEN "→E"] by blast
3622    AOT_have G (a[G]  [G]a)
3623      by (AOT_subst "λ Π . «a[Π]  [Π]a»" "λ Π . «¬(a[Π] & ¬[Π]a)»")
3624         (auto simp: "oth-class-taut:1:a" C)
3625    AOT_hence a[F]  [F]a using "∀E" by blast
3626    moreover AOT_have a[F] using ξ[THEN "&E"(2), THEN "∀E"(2), of F, THEN "≡E"(2)]
3627      using "=I"(2) by blast
3628    ultimately AOT_show ¬F x([F]x  G(x[G] & ¬[G]x)) using B "→E" RAA by blast
3629  qed
3630qed(simp)
3631
3632AOT_theorem "block-paradox:3": ¬y z z = y]
3633proof(rule RAA(2))
3634  AOT_assume θ: y z z = y]
3635  AOT_have x (A!x & F (x[F]  y(F = z z = y] & ¬y[F])))
3636    using "A-objects"[axiom_inst] by force
3637  then AOT_obtain a where a_prop: A!a & F (a[F]  y (F = z z = y] & ¬y[F]))
3638    using "∃E"[rotated] by blast
3639  AOT_have ζ: az z = a]  y (z z = a] = z z = y] & ¬yz z = a])
3640    using θ[THEN "∀E"(2)] a_prop[THEN "&E"(2), THEN "∀E"(1)] by blast
3641  AOT_show ¬y z z = y]
3642  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
3643    AOT_assume A: az z = a]
3644    AOT_hence y (z z = a] = z z = y] & ¬yz z = a])
3645      using ζ[THEN "≡E"(1)] by blast
3646    then AOT_obtain b where b_prop: z z = a] = z z = b] & ¬bz z = a]
3647      using "∃E"[rotated] by blast
3648    moreover AOT_have a = a by (rule "=I")
3649    moreover AOT_have z z = a] using θ "∀E" by blast
3650    moreover AOT_have a using "cqt:2[const_var]"[axiom_inst] .
3651    ultimately AOT_have z z = a]a using "β←C" by blast
3652    AOT_hence z z = b]a using "rule=E" b_prop[THEN "&E"(1)] by fast
3653    AOT_hence a = b using "β→C" by blast
3654    AOT_hence bz z = a] using A "rule=E" by fast
3655    AOT_thus ¬y z z = y] using b_prop[THEN "&E"(2)] RAA by blast
3656  next
3657    AOT_assume A: ¬az z = a]
3658    AOT_hence ¬y (z z = a] = z z = y] & ¬yz z = a])
3659      using ζ "oth-class-taut:4:b"[THEN "≡E"(1), THEN "≡E"(1)] by blast
3660    AOT_hence y ¬(z z = a] = z z = y] & ¬yz z = a])
3661      using "cqt-further:4"[THEN "→E"] by blast
3662    AOT_hence ¬(z z = a] = z z = a] & ¬az z = a])
3663      using "∀E" by blast
3664    AOT_hence z z = a] = z z = a]  az z = a]
3665      by (metis "&I" "deduction-theorem" "raa-cor:4")
3666    AOT_hence az z = a] using "=I"(1) θ[THEN "∀E"(2)] "→E" by blast
3667    AOT_thus ¬y z z = y] using A RAA by blast
3668  qed
3669qed(simp)
3670
3671AOT_theorem "block-paradox:4": ¬y F x([F]x  x = y)
3672proof(rule RAA(2))
3673  AOT_assume θ: y F x([F]x  x = y)
3674  AOT_have x (A!x & F (x[F]  z (y([F]y  y = z) & ¬z[F])))
3675    using "A-objects"[axiom_inst] by force
3676  then AOT_obtain a where a_prop: A!a & F (a[F]  z (y([F]y  y = z) & ¬z[F]))
3677    using "∃E"[rotated] by blast
3678  AOT_obtain F where F_prop: x ([F]x  x = a) using θ[THEN "∀E"(2)] "∃E"[rotated] by blast
3679  AOT_have ζ: a[F]  z (y ([F]y  y = z) & ¬z[F])
3680    using a_prop[THEN "&E"(2), THEN "∀E"(2)] by blast
3681  AOT_show ¬y F x([F]x  x = y)
3682  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
3683    AOT_assume A: a[F]
3684    AOT_hence z (y ([F]y  y = z) & ¬z[F])
3685      using ζ[THEN "≡E"(1)] by blast
3686    then AOT_obtain b where b_prop: y ([F]y  y = b) & ¬b[F]
3687      using "∃E"[rotated] by blast
3688    moreover AOT_have [F]a using F_prop[THEN "∀E"(2), THEN "≡E"(2)] "=I"(2) by blast
3689    ultimately AOT_have a = b using "∀E"(2) "≡E"(1) "&E" by fast
3690    AOT_hence a = b using "β→C" by blast
3691    AOT_hence b[F] using A "rule=E" by fast
3692    AOT_thus ¬y F x([F]x  x = y) using b_prop[THEN "&E"(2)] RAA by blast
3693  next
3694    AOT_assume A: ¬a[F]
3695    AOT_hence ¬z (y ([F]y  y = z) & ¬z[F])
3696      using ζ "oth-class-taut:4:b"[THEN "≡E"(1), THEN "≡E"(1)] by blast
3697    AOT_hence z ¬(y ([F]y  y = z) & ¬z[F])
3698      using "cqt-further:4"[THEN "→E"] by blast
3699    AOT_hence ¬(y ([F]y  y = a) & ¬a[F])
3700      using "∀E" by blast
3701    AOT_hence y ([F]y  y = a)  a[F]
3702      by (metis "&I" "deduction-theorem" "raa-cor:4")
3703    AOT_hence a[F] using F_prop "→E" by blast
3704    AOT_thus ¬y F x([F]x  x = y) using A RAA by blast
3705  qed
3706qed(simp)
3707
3708AOT_theorem "block-paradox:5": ¬Fxy([F]xy  y = x)
3709proof(rule "raa-cor:2")
3710  AOT_assume Fxy([F]xy  y = x)
3711  then AOT_obtain F where F_prop: xy([F]xy  y = x) using "∃E"[rotated] by blast
3712  {
3713    fix x
3714    AOT_have 1: y([F]xy  y = x) using F_prop "∀E" by blast
3715    AOT_have 2: z [F]xz] by "cqt:2[lambda]"
3716    moreover AOT_have y(z [F]xz]y  y = x)
3717    proof(rule "∀I")
3718      fix y
3719      AOT_have z [F]xz]y  [F]xy
3720        using "beta-C-meta"[THEN "→E"] 2 by fast
3721      also AOT_have ...  y = x using 1 "∀E"
3722        by fast
3723      finally AOT_show z [F]xz]y  y = x.
3724    qed
3725    ultimately AOT_have Fy([F]y  y = x)
3726      using "∃I" by fast
3727  }
3728  AOT_hence xFy([F]y  y = x)
3729    by (rule GEN)
3730  AOT_thus xFy([F]y  y = x) & ¬xFy([F]y  y = x)
3731    using "&I" "block-paradox:4" by blast
3732qed
3733
3734AOT_act_theorem "block-paradox2:1": x [G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
3735proof(rule "→I"; rule "raa-cor:2")
3736  AOT_assume antecedant: x [G]x
3737  AOT_have Lemma: x ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x))
3738  proof(rule GEN)
3739    fix x
3740    AOT_have A: [G]ιy (y = x & H (x[H] & ¬[H]x))  ∃!y (y = x & H (x[H] & ¬[H]x))
3741    proof(rule "≡I"; rule "→I")
3742      AOT_assume [G]ιy (y = x & H (x[H] & ¬[H]x))
3743      AOT_hence ιy (y = x & H (x[H] & ¬[H]x))
3744        using "cqt:5:a"[axiom_inst, THEN "→E", THEN "&E"(2)] by blast
3745      AOT_thus ∃!y (y = x & H (x[H] & ¬[H]x))
3746        using "1-exists:1"[THEN "≡E"(1)] by blast
3747    next
3748      AOT_assume A: ∃!y (y = x & H (x[H] & ¬[H]x))
3749      AOT_obtain a where a_1: a = x & H (x[H] & ¬[H]x) and a_2: z (z = x & H (x[H] & ¬[H]x)  z = a)
3750        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
3751      AOT_have a_3: [G]a
3752        using antecedant "∀E" by blast
3753      AOT_show [G]ιy (y = x & H (x[H] & ¬[H]x))
3754        apply (rule "russell-axiom[exe,1].russell-axiom"[THEN "≡E"(2)])
3755        apply (rule "∃I"(2))
3756        using a_1 a_2 a_3 "&I" by blast
3757    qed
3758    also AOT_have B: ...  H (x[H] & ¬[H]x)
3759    proof (rule "≡I"; rule "→I")
3760      AOT_assume A: ∃!y (y = x & H (x[H] & ¬[H]x))
3761      AOT_obtain a where a = x & H (x[H] & ¬[H]x)
3762        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
3763      AOT_thus H (x[H] & ¬[H]x) using "&E" by blast
3764    next
3765      AOT_assume H (x[H] & ¬[H]x)
3766      AOT_hence x = x & H (x[H] & ¬[H]x)
3767        using "id-eq:1" "&I" by blast
3768      moreover AOT_have z (z = x & H (x[H] & ¬[H]x)  z = x)
3769        by (simp add: "Conjunction Simplification"(1) "universal-cor")
3770      ultimately AOT_show ∃!y (y = x & H (x[H] & ¬[H]x))
3771        using "uniqueness:1"[THEN "≡dfI"] "&I" "∃I"(2) by fast
3772    qed
3773    finally AOT_show ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x)) .
3774  qed
3775
3776  AOT_assume A: x [G]ιy (y = x & H (x[H] & ¬[H]x))]
3777  AOT_have θ: x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x  [G]ιy(y = x & H (x[H] & ¬[H]x)))
3778    using "beta-C-meta"[THEN "→E", OF A] "∀I" by fast
3779  AOT_have x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x  H (x[H] & ¬[H]x))
3780    using θ Lemma "cqt-basic:10"[THEN "→E"] "&I" by fast
3781  AOT_hence F x ([F]x  H (x[H] & ¬[H]x))
3782    using "∃I"(1) A by fast
3783  AOT_thus (F x ([F]x  H (x[H] & ¬[H]x))) & (¬F x ([F]x  H (x[H] & ¬[H]x)))
3784    using "block-paradox:2" "&I" by blast
3785qed
3786
3787AOT_act_theorem "block-paradox2:2": G ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
3788proof(rule "∃I"(1))
3789  AOT_have 0: x p (p p)]
3790    by "cqt:2[lambda]"
3791  moreover AOT_have x x p (p p)]x
3792    apply (rule GEN)
3793    apply (rule "beta-C-cor:2"[THEN "→E", OF 0, THEN "∀E"(2), THEN "≡E"(2)])
3794    using "if-p-then-p" GEN by fast
3795  moreover AOT_have G (x [G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))])
3796      using "block-paradox2:1" "∀I" by fast
3797  ultimately AOT_show ¬x x p (p p)]ιy (y = x & H (x[H] & ¬[H]x))]
3798    using "∀E"(1) "→E" by blast
3799qed("cqt:2[lambda]")
3800
3801AOT_theorem propositions: p (p  φ)
3802proof(rule "∃I"(1))
3803  AOT_show (φ  φ)
3804    by (simp add: RN "oth-class-taut:3:a")
3805next
3806  AOT_show φ
3807    by (simp add: "log-prop-prop:2")
3808qed
3809
3810AOT_theorem "pos-not-equiv-ne:1": (¬x1...∀xn ([F]x1...xn  [G]x1...xn))  F  G
3811proof (rule "→I")
3812  AOT_assume ¬x1...∀xn ([F]x1...xn  [G]x1...xn)
3813  AOT_hence ¬x1...∀xn ([F]x1...xn  [G]x1...xn)
3814    using "KBasic:11"[THEN "≡E"(2)] by blast
3815  AOT_hence ¬(F = G)
3816    using "id-rel-nec-equiv:1" "modus-tollens:1" by blast
3817  AOT_thus F  G
3818    using "=-infix"[THEN "≡dfI"] by blast
3819qed
3820
3821AOT_theorem "pos-not-equiv-ne:2": (¬(φ{F}  φ{G}))  F  G
3822proof (rule "→I")
3823  AOT_modally_strict {
3824    AOT_have ¬(φ{F}  φ{G})  ¬(F = G)
3825    proof (rule "→I"; rule "raa-cor:2")
3826      AOT_assume 1: F = G
3827      AOT_hence φ{F}  φ{G} using "l-identity"[axiom_inst, THEN "→E"] by blast
3828      moreover {
3829        AOT_have G = F using 1 id_sym by blast
3830        AOT_hence φ{G}  φ{F} using "l-identity"[axiom_inst, THEN "→E"] by blast
3831      }
3832      ultimately AOT_have φ{F}  φ{G} using "≡I" by blast
3833      moreover AOT_assume ¬(φ{F}  φ{G})
3834      ultimately AOT_show (φ{F}  φ{G}) & ¬(φ{F}  φ{G})
3835        using "&I" by blast
3836    qed
3837  }
3838  AOT_hence ¬(φ{F}  φ{G})  ¬(F = G)
3839    using "RM:2[prem]" by blast
3840  moreover AOT_assume ¬(φ{F}  φ{G})
3841  ultimately AOT_have 0: ¬(F = G) using "→E" by blast
3842  AOT_have (F  G)
3843    by (AOT_subst "«F  G»" "«¬(F = G)»")
3844       (auto simp: "=-infix" "≡Df" 0)
3845  AOT_thus F  G
3846    using "id-nec2:3"[THEN "→E"] by blast
3847qed
3848
3849AOT_theorem "pos-not-equiv-ne:2[zero]": (¬(φ{p}  φ{q}))  p  q
3850proof (rule "→I")
3851  AOT_modally_strict {
3852    AOT_have ¬(φ{p}  φ{q})  ¬(p = q)
3853    proof (rule "→I"; rule "raa-cor:2")
3854      AOT_assume 1: p = q
3855      AOT_hence φ{p}  φ{q} using "l-identity"[axiom_inst, THEN "→E"] by blast
3856      moreover {
3857        AOT_have q = p using 1 id_sym by blast
3858        AOT_hence φ{q}  φ{p} using "l-identity"[axiom_inst, THEN "→E"] by blast
3859      }
3860      ultimately AOT_have φ{p}  φ{q} using "≡I" by blast
3861      moreover AOT_assume ¬(φ{p}  φ{q})
3862      ultimately AOT_show (φ{p}  φ{q}) & ¬(φ{p}  φ{q})
3863        using "&I" by blast
3864    qed
3865  }
3866  AOT_hence ¬(φ{p}  φ{q})  ¬(p = q)
3867    using "RM:2[prem]" by blast
3868  moreover AOT_assume ¬(φ{p}  φ{q})
3869  ultimately AOT_have 0: ¬(p = q) using "→E" by blast
3870  AOT_have (p  q)
3871    by (AOT_subst "«p  q»" "«¬(p = q)»")
3872       (auto simp: 0 "=-infix" "≡Df")
3873  AOT_thus p  q
3874    using "id-nec2:3"[THEN "→E"] by blast
3875qed
3876
3877AOT_theorem "pos-not-equiv-ne:3": (¬x1...∀xn ([F]x1...xn  [G]x1...xn))  F  G
3878  using "→I" "pos-not-equiv-ne:1"[THEN "→E"] "T◇"[THEN "→E"] by blast
3879
3880AOT_theorem "pos-not-equiv-ne:4": (¬(φ{F}  φ{G}))  F  G
3881  using "→I" "pos-not-equiv-ne:2"[THEN "→E"] "T◇"[THEN "→E"] by blast
3882
3883AOT_theorem "pos-not-equiv-ne:4[zero]": (¬(φ{p}  φ{q}))  p  q
3884  using "→I" "pos-not-equiv-ne:2[zero]"[THEN "→E"] "T◇"[THEN "→E"] by blast
3885
3886AOT_define relation_negation ::  Π" ("_-")
3887  "df-relation-negation": "[F]- =df x1...xn ¬[F]x1...xn]"
3888
3889nonterminal φneg
3890syntax "" :: "φneg  τ" ("_")
3891syntax "" :: "φneg  φ" ("'(_')")
3892
3893AOT_define relation_negation_0 :: ‹φ  φneg› ("'(_')-")
3894  "df-relation-negation[zero]": "(p)- =df  ¬p]"
3895
3896AOT_theorem "rel-neg-T:1": x1...xn ¬[Π]x1...xn]
3897  by "cqt:2[lambda]"
3898
3899AOT_theorem "rel-neg-T:1[zero]":  ¬φ]
3900  using "cqt:2[lambda0]"[axiom_inst] by blast
3901
3902AOT_theorem "rel-neg-T:2": [Π]- = x1...xn ¬[Π]x1...xn]
3903  using "=I"(1)[OF "rel-neg-T:1"]
3904  by (rule "=dfI"(1)[OF "df-relation-negation", OF "rel-neg-T:1"])
3905
3906AOT_theorem "rel-neg-T:2[zero]": (φ)- =  ¬φ]
3907  using "=I"(1)[OF "rel-neg-T:1[zero]"]
3908  by (rule "=dfI"(1)[OF "df-relation-negation[zero]", OF "rel-neg-T:1[zero]"])
3909
3910AOT_theorem "rel-neg-T:3": [Π]-
3911  using "=dfI"(1)[OF "df-relation-negation", OF "rel-neg-T:1"] "rel-neg-T:1" by blast
3912
3913AOT_theorem "rel-neg-T:3[zero]": (φ)-
3914  using "log-prop-prop:2" by blast
3915(*  using "=dfI"(1)[OF "df-relation-negation[zero]", OF "rel-neg-T:1[zero]"] "rel-neg-T:1[zero]" by blast *)
3916
3917(* Note: PLM states the zero place case twice *)
3918AOT_theorem "thm-relation-negation:1": [F]-x1...xn  ¬[F]x1...xn
3919proof -
3920  AOT_have [F]-x1...xn  x1...xn ¬[F]x1...xn]x1...xn
3921    using "rule=E"[rotated, OF "rel-neg-T:2"] "rule=E"[rotated, OF "rel-neg-T:2"[THEN id_sym]]
3922    "→I" "≡I" by fast
3923  also AOT_have ...  ¬[F]x1...xn
3924    using "beta-C-meta"[THEN "→E", OF "rel-neg-T:1"] by fast
3925  finally show ?thesis.
3926qed
3927
3928AOT_theorem "thm-relation-negation:2": ¬[F]-x1...xn  [F]x1...xn
3929  apply (AOT_subst "«[F]x1...xn»" "«¬¬[F]x1...xn»")
3930   apply (simp add: "oth-class-taut:3:b")
3931  apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
3932  using "thm-relation-negation:1".
3933
3934AOT_theorem "thm-relation-negation:3": ((p)-)  ¬p
3935proof -
3936  AOT_have (p)- =  ¬p] using "rel-neg-T:2[zero]" by blast
3937  AOT_hence ((p)-)   ¬p]
3938    using "df-relation-negation[zero]" "log-prop-prop:2" "oth-class-taut:3:a" "rule-id-df:2:a" by blast
3939  also AOT_have  ¬p]  ¬p
3940    by (simp add: "propositions-lemma:2")
3941  finally show ?thesis.
3942qed
3943
3944AOT_theorem "thm-relation-negation:4": (¬((p)-))  p
3945  using "thm-relation-negation:3"[THEN "≡E"(1)]
3946        "thm-relation-negation:3"[THEN "≡E"(2)]
3947        "≡I" "→I" RAA by metis
3948
3949AOT_theorem "thm-relation-negation:5": [F]  [F]-
3950proof -
3951  AOT_have ¬([F] = [F]-)
3952  proof (rule RAA(2))
3953    AOT_show [F]x1...xn  [F]x1...xn for x1xn
3954      using "if-p-then-p".
3955  next
3956    AOT_assume [F] = [F]-
3957    AOT_hence [F]- = [F] using id_sym by blast
3958    AOT_hence [F]x1...xn  ¬[F]x1...xn for x1xn
3959      using "rule=E" "thm-relation-negation:1" by fast
3960    AOT_thus ¬([F]x1...xn  [F]x1...xn) for x1xn
3961      using "≡E" RAA by metis
3962  qed
3963  thus ?thesis
3964    using "≡dfI" "=-infix" by blast
3965qed
3966
3967AOT_theorem "thm-relation-negation:6": p  (p)-
3968proof -
3969  AOT_have ¬(p = (p)-)
3970  proof (rule RAA(2))
3971    AOT_show p  p
3972      using "if-p-then-p".
3973  next
3974    AOT_assume p = (p)-
3975    AOT_hence (p)- = p using id_sym by blast
3976    AOT_hence p  ¬p
3977      using "rule=E" "thm-relation-negation:3" by fast
3978    AOT_thus ¬(p  p)
3979      using "≡E" RAA by metis
3980  qed
3981  thus ?thesis
3982    using "≡dfI" "=-infix" by blast
3983qed
3984
3985AOT_theorem "thm-relation-negation:7": (p)- = (¬p)
3986  apply (rule "df-relation-negation[zero]"[THEN "=dfE"(1)])
3987  using "cqt:2[lambda0]"[axiom_inst] "rel-neg-T:2[zero]" "propositions-lemma:1" id_trans by blast+
3988
3989AOT_theorem "thm-relation-negation:8": p = q  (¬p) = (¬q)
3990proof(rule "→I")
3991  AOT_assume p = q
3992  moreover AOT_have (¬p) using "log-prop-prop:2".
3993  moreover AOT_have (¬p) = (¬p) using calculation(2) "=I" by blast
3994  ultimately AOT_show (¬p) = (¬q)
3995    using "rule=E" by fast
3996qed
3997
3998AOT_theorem "thm-relation-negation:9": p = q  (p)- = (q)-
3999proof(rule "→I")
4000  AOT_assume p = q
4001  AOT_hence (¬p) = (¬q) using "thm-relation-negation:8" "→E" by blast
4002  AOT_thus (p)- = (q)-
4003    using "thm-relation-negation:7" id_sym id_trans by metis
4004qed
4005
4006AOT_define Necessary :: ‹Π  φ› ("Necessary'(_')")
4007  "contingent-properties:1": Necessary([F]) df x1...∀xn [F]x1...xn
4008
4009AOT_define Necessary0 :: ‹φ  φ› ("Necessary0'(_')")
4010  "contingent-properties:1[zero]": Necessary0(p) df p
4011
4012AOT_define Impossible :: ‹Π  φ› ("Impossible'(_')")
4013  "contingent-properties:2": Impossible([F]) df F & x1...∀xn ¬[F]x1...xn
4014
4015AOT_define Impossible0 :: ‹φ  φ› ("Impossible0'(_')")
4016  "contingent-properties:2[zero]": Impossible0(p) df ¬p
4017
4018AOT_define NonContingent :: ‹Π  φ› ("NonContingent'(_')")
4019  "contingent-properties:3": NonContingent([F]) df Necessary([F])  Impossible([F])
4020
4021AOT_define NonContingent0 :: ‹φ  φ› ("NonContingent0'(_')")
4022  "contingent-properties:3[zero]": NonContingent0(p) df Necessary0(p)  Impossible0(p)
4023
4024AOT_define Contingent :: ‹Π  φ› ("Contingent'(_')")
4025  "contingent-properties:4": Contingent([F]) df F & ¬(Necessary([F])  Impossible([F]))
4026
4027AOT_define Contingent0 :: ‹φ  φ› ("Contingent0'(_')")
4028  "contingent-properties:4[zero]": Contingent0(p) df ¬(Necessary0(p)  Impossible0(p))
4029
4030
4031AOT_theorem "thm-cont-prop:1": NonContingent([F])  NonContingent([F]-)
4032proof (rule "≡I"; rule "→I")
4033  AOT_assume NonContingent([F])
4034  AOT_hence Necessary([F])  Impossible([F])
4035    using "≡dfE"[OF "contingent-properties:3"] by blast
4036  moreover {
4037    AOT_assume Necessary([F])
4038    AOT_hence (x1...∀xn [F]x1...xn)
4039      using "≡dfE"[OF "contingent-properties:1"] by blast
4040    moreover AOT_modally_strict {
4041      AOT_assume x1...∀xn [F]x1...xn
4042      AOT_hence [F]x1...xn for x1xn using "∀E" by blast
4043      AOT_hence ¬[F]-x1...xn for x1xn
4044        by (meson "≡E"(6) "oth-class-taut:3:a" "thm-relation-negation:2" "≡E"(1))
4045      AOT_hence x1...∀xn ¬[F]-x1...xn using "∀I" by fast
4046    }
4047    ultimately AOT_have (x1...∀xn ¬[F]-x1...xn)
4048      using "RN[prem]"[where Γ="{«x1...∀xn [F]x1...xn»}", simplified] by blast
4049    AOT_hence Impossible([F]-)
4050      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1), OF "rel-neg-T:3", THEN "≡E"(2)]
4051      by blast
4052  }
4053  moreover {
4054    AOT_assume Impossible([F])
4055    AOT_hence (x1...∀xn ¬[F]x1...xn)
4056      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)]
4057      by blast
4058    moreover AOT_modally_strict {
4059      AOT_assume x1...∀xn ¬[F]x1...xn
4060      AOT_hence ¬[F]x1...xn for x1xn using "∀E" by blast
4061      AOT_hence [F]-x1...xn for x1xn
4062        by (meson "≡E"(6) "oth-class-taut:3:a" "thm-relation-negation:1" "≡E"(1))
4063      AOT_hence x1...∀xn [F]-x1...xn using "∀I" by fast
4064    }
4065    ultimately AOT_have (x1...∀xn [F]-x1...xn)
4066      using "RN[prem]"[where Γ="{«x1...∀xn ¬[F]x1...xn»}"] by blast
4067    AOT_hence Necessary([F]-)
4068      using "≡dfI"[OF "contingent-properties:1"] by blast
4069  }
4070  ultimately AOT_have Necessary([F]-)  Impossible([F]-)
4071    using "∨E"(1) "∨I" "→I" by metis
4072  AOT_thus NonContingent([F]-)
4073    using "≡dfI"[OF "contingent-properties:3"] by blast
4074next
4075  AOT_assume NonContingent([F]-)
4076  AOT_hence Necessary([F]-)  Impossible([F]-)
4077    using "≡dfE"[OF "contingent-properties:3"] by blast
4078  moreover {
4079    AOT_assume Necessary([F]-)
4080    AOT_hence (x1...∀xn [F]-x1...xn)
4081      using "≡dfE"[OF "contingent-properties:1"] by blast
4082    moreover AOT_modally_strict {
4083      AOT_assume x1...∀xn [F]-x1...xn
4084      AOT_hence [F]-x1...xn for x1xn using "∀E" by blast
4085      AOT_hence ¬[F]x1...xn for x1xn
4086        by (meson "≡E"(6) "oth-class-taut:3:a" "thm-relation-negation:1" "≡E"(2))
4087      AOT_hence x1...∀xn ¬[F]x1...xn using "∀I" by fast
4088    }
4089    ultimately AOT_have x1...∀xn ¬[F]x1...xn
4090      using "RN[prem]"[where Γ="{«x1...∀xn [F]-x1...xn»}"] by blast
4091    AOT_hence Impossible([F])
4092      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(2)]
4093      by blast
4094  }
4095  moreover {
4096    AOT_assume Impossible([F]-)
4097    AOT_hence (x1...∀xn ¬[F]-x1...xn)
4098      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1), OF "rel-neg-T:3", THEN "≡E"(1)]
4099      by blast
4100    moreover AOT_modally_strict {
4101      AOT_assume x1...∀xn ¬[F]-x1...xn
4102      AOT_hence ¬[F]-x1...xn for x1xn using "∀E" by blast
4103      AOT_hence [F]x1...xn for x1xn 
4104        using "thm-relation-negation:1"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)]
4105              "useful-tautologies:1"[THEN "→E"] by blast
4106      AOT_hence x1...∀xn [F]x1...xn using "∀I" by fast
4107    }
4108    ultimately AOT_have (x1...∀xn [F]x1...xn)
4109      using "RN[prem]"[where Γ="{«x1...∀xn ¬[F]-x1...xn»}"] by blast
4110    AOT_hence Necessary([F])
4111      using "≡dfI"[OF "contingent-properties:1"] by blast
4112  }
4113  ultimately AOT_have Necessary([F])  Impossible([F])
4114    using "∨E"(1) "∨I" "→I" by metis
4115  AOT_thus NonContingent([F])
4116    using "≡dfI"[OF "contingent-properties:3"] by blast
4117qed
4118
4119AOT_theorem "thm-cont-prop:2": Contingent([F])  x [F]x & x ¬[F]x
4120proof -
4121  AOT_have Contingent([F])  ¬(Necessary([F])  Impossible([F]))
4122    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst]]
4123    by blast
4124  also AOT_have ...  ¬Necessary([F]) & ¬Impossible([F])
4125    using "oth-class-taut:5:d" by fastforce
4126  also AOT_have ...  ¬Impossible([F]) & ¬Necessary([F])
4127    by (simp add: "Commutativity of &")
4128  also AOT_have ...  x [F]x & ¬Necessary([F])
4129  proof (rule "oth-class-taut:4:e"[THEN "→E"])
4130    AOT_have ¬Impossible([F])  ¬¬ x [F]x
4131      apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
4132      apply (AOT_subst "«x [F]x»" "«¬ x ¬[F]x»")
4133       apply (simp add: "conventions:4" "≡Df")
4134      apply (AOT_subst_rev "«x ¬[F]x»" "«¬¬x ¬[F]x»" )
4135       apply (simp add: "oth-class-taut:3:b")
4136      using "contingent-properties:2"[THEN "≡Df", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst]] by blast
4137    also AOT_have ...  x [F]x
4138      using "conventions:5"[THEN "≡Df", symmetric] by blast
4139    finally AOT_show ¬Impossible([F])  x [F]x .
4140  qed
4141  also AOT_have ...  x [F]x & x ¬[F]x
4142  proof (rule "oth-class-taut:4:f"[THEN "→E"])
4143    AOT_have ¬Necessary([F])  ¬¬x ¬[F]x
4144      apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
4145      apply (AOT_subst "«x ¬[F]x»" "«¬ x ¬¬[F]x»")
4146       apply (simp add: "conventions:4" "≡Df")
4147      apply (AOT_subst_rev "λ κ . «[F]κ»" "λ κ . «¬¬[F]κ»")
4148       apply (simp add: "oth-class-taut:3:b")
4149      apply (AOT_subst_rev "«x [F]x»" "«¬¬x [F]x»")
4150      by (auto simp: "oth-class-taut:3:b" "contingent-properties:1" "≡Df")
4151    also AOT_have ...  x ¬[F]x
4152      using "conventions:5"[THEN "≡Df", symmetric] by blast
4153    finally AOT_show ¬Necessary([F])  x ¬[F]x.
4154  qed
4155  finally show ?thesis.
4156qed
4157
4158AOT_theorem "thm-cont-prop:3": Contingent([F])  Contingent([F]-) for F::<κ> AOT_var›
4159proof -
4160  {
4161    fix Π :: <κ>
4162    AOT_assume Π
4163    moreover AOT_have F (Contingent([F])  x [F]x & x ¬[F]x)
4164      using "thm-cont-prop:2" GEN by fast
4165    ultimately  AOT_have Contingent([Π])  x [Π]x & x ¬[Π]x
4166      using "thm-cont-prop:2" "∀E" by fast
4167  } note 1 = this
4168  AOT_have Contingent([F])  x [F]x & x ¬[F]x
4169    using "thm-cont-prop:2" by blast
4170  also AOT_have ...  x ¬[F]x & x [F]x
4171    by (simp add: "Commutativity of &")
4172  also AOT_have ...  x [F]-x & x [F]x
4173    by (AOT_subst "λ κ . «[F]-κ»"  "λκ . «¬[F]κ»")
4174       (auto simp: "thm-relation-negation:1" "oth-class-taut:3:a")
4175  also AOT_have ...  x [F]-x & x ¬[F]-x
4176    by (AOT_subst_rev "λ κ . «¬[F]-κ»"  "λκ . «[F]κ»")
4177       (auto simp: "thm-relation-negation:2" "oth-class-taut:3:a")
4178  also AOT_have ...  Contingent([F]-)
4179    using 1[OF "rel-neg-T:3", symmetric] by blast
4180  finally show ?thesis.
4181qed
4182
4183AOT_define concrete_if_concrete :: ‹Π› ("L")  L_def: L =df x E!x  E!x]
4184
4185AOT_theorem "thm-noncont-e-e:1": Necessary(L)
4186proof -
4187  AOT_modally_strict {
4188    fix x
4189    AOT_have x E!x  E!x] by "cqt:2[lambda]"
4190    moreover AOT_have x using "cqt:2[const_var]"[axiom_inst] by blast
4191    moreover AOT_have E!x  E!x using "if-p-then-p" by blast
4192    ultimately AOT_have x E!x  E!x]x
4193      using "β←C" by blast
4194  }
4195  AOT_hence 0: x x E!x  E!x]x
4196    using RN GEN by blast
4197  show ?thesis
4198    apply (rule "=dfI"(2)[OF L_def])
4199     apply "cqt:2[lambda]"
4200    by (rule "contingent-properties:1"[THEN "≡dfI", OF 0])
4201qed
4202
4203AOT_theorem "thm-noncont-e-e:2": Impossible([L]-)
4204proof -
4205  AOT_modally_strict {
4206    fix x
4207
4208    AOT_have 0: F (¬[F]-x  [F]x)
4209      using "thm-relation-negation:2" GEN by fast
4210    AOT_have ¬x E!x  E!x]-x  x E!x  E!x]x
4211      by (rule 0[THEN "∀E"(1)]) "cqt:2[lambda]"
4212    moreover {
4213      AOT_have x E!x  E!x] by "cqt:2[lambda]"
4214      moreover AOT_have x using "cqt:2[const_var]"[axiom_inst] by blast
4215      moreover AOT_have E!x  E!x using "if-p-then-p" by blast
4216      ultimately AOT_have x E!x  E!x]x
4217        using "β←C" by blast
4218    }
4219    ultimately AOT_have ¬x E!x  E!x]-x
4220      using "≡E" by blast
4221  }
4222  AOT_hence 0: x ¬x E!x  E!x]-x
4223    using RN GEN by fast
4224  show ?thesis
4225    apply (rule "=dfI"(2)[OF L_def])
4226     apply "cqt:2[lambda]"
4227    apply (rule "contingent-properties:2"[THEN "≡dfI"]; rule "&I")
4228     using "rel-neg-T:3"
4229     apply blast
4230    using 0
4231    by blast
4232qed
4233
4234AOT_theorem "thm-noncont-e-e:3": NonContingent(L)
4235  using "thm-noncont-e-e:1"
4236  by (rule "contingent-properties:3"[THEN "≡dfI", OF "∨I"(1)])
4237
4238AOT_theorem "thm-noncont-e-e:4": NonContingent([L]-)
4239proof -
4240  AOT_have 0: F (NonContingent([F])  NonContingent([F]-))
4241    using "thm-cont-prop:1" "∀I" by fast
4242  moreover AOT_have 1: L
4243    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
4244  AOT_show NonContingent([L]-)
4245    using "∀E"(1)[OF 0, OF 1, THEN "≡E"(1), OF "thm-noncont-e-e:3"] by blast
4246qed
4247
4248AOT_theorem "thm-noncont-e-e:5": F G (F  «G::<κ>» & NonContingent([F]) & NonContingent([G]))
4249proof (rule "∃I")+
4250  {
4251    AOT_have F [F]  [F]- using "thm-relation-negation:5" GEN by fast
4252    moreover AOT_have L
4253      by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
4254    ultimately AOT_have L  [L]- using "∀E" by blast
4255  }
4256  AOT_thus L  [L]- & NonContingent(L) & NonContingent([L]-)
4257    using "thm-noncont-e-e:3" "thm-noncont-e-e:4" "&I" by metis
4258next
4259  AOT_show [L]-
4260    using "rel-neg-T:3" by blast
4261next
4262  AOT_show L
4263      by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
4264qed
4265
4266AOT_theorem "lem-cont-e:1": x ([F]x & ¬[F]x)  x (¬[F]x & [F]x)
4267proof -
4268  AOT_have x ([F]x & ¬[F]x)  x ([F]x & ¬[F]x)
4269    using "BF◇" "CBF◇" "≡I" by blast
4270  also AOT_have   x ([F]x &  ¬[F]x)
4271    by (AOT_subst λκ. «([F]κ & ¬[F]κ)»  λ κ .  «[F]κ &  ¬[F]κ»)
4272       (auto simp: "S5Basic:11" "cqt-further:7")
4273  also AOT_have   x (¬[F]x & [F]x)
4274    by (AOT_subst λκ. «¬[F]κ & [F]κ»  λ κ .  «[F]κ & ¬[F]κ»)
4275       (auto simp: "Commutativity of &" "cqt-further:7")
4276  also AOT_have   x (¬[F]x & [F]x)
4277    by (AOT_subst λ κ .  «(¬[F]κ & [F]κ)» λκ. «¬[F]κ & [F]κ»)
4278       (auto simp: "S5Basic:11" "oth-class-taut:3:a")
4279  also AOT_have   x (¬[F]x & [F]x)
4280    using "BF◇" "CBF◇" "≡I" by fast
4281  finally show ?thesis.
4282qed
4283
4284AOT_theorem "lem-cont-e:2": x ([F]x & ¬[F]x)  x ([F]-x & ¬[F]-x)
4285proof -
4286  AOT_have x ([F]x & ¬[F]x)  x (¬[F]x & [F]x)
4287    using "lem-cont-e:1".
4288  also AOT_have   x ([F]-x & ¬[F]-x)
4289    apply (AOT_subst "λ κ . «¬[F]-κ»" "λ κ . «[F]κ»")
4290     apply (simp add: "thm-relation-negation:2")
4291    apply (AOT_subst "λ κ . «[F]-κ»" "λ κ . «¬[F]κ»")
4292     apply (simp add: "thm-relation-negation:1")
4293    by (simp add: "oth-class-taut:3:a")
4294  finally show ?thesis.
4295qed
4296
4297AOT_theorem "thm-cont-e:1": x (E!x & ¬E!x)
4298proof (rule "CBF◇"[THEN "→E"])
4299  AOT_have x (E!x & ¬𝒜E!x) using "qml:4"[axiom_inst] "BF◇"[THEN "→E"] by blast
4300  then AOT_obtain a where (E!a & ¬𝒜E!a) using "∃E"[rotated] by blast
4301  AOT_hence θ: E!a & ¬𝒜E!a
4302    using "KBasic2:3"[THEN "→E"] by blast
4303  AOT_have ξ: E!a & 𝒜¬E!a
4304    by (AOT_subst  "«𝒜¬E!a»" "«¬𝒜E!a»")
4305       (auto simp: "logic-actual-nec:1"[axiom_inst] θ)
4306  AOT_have ζ: E!a & 𝒜¬E!a
4307    by (AOT_subst "«𝒜¬E!a»" "«𝒜¬E!a»")
4308       (auto simp add: "Act-Sub:4" ξ)
4309  AOT_hence E!a & ¬E!a
4310    using "&E" "&I" "Act-Sub:3"[THEN "→E"] by blast
4311  AOT_hence (E!a & ¬E!a) using "S5Basic:11"[THEN "≡E"(2)] by simp
4312  AOT_thus x (E!x & ¬E!x) using "∃I"(2) by fast
4313qed
4314
4315AOT_theorem "thm-cont-e:2": x (¬E!x & E!x)
4316proof -
4317  AOT_have F (x ([F]x & ¬[F]x)  x (¬[F]x & [F]x))
4318    using "lem-cont-e:1" GEN by fast
4319  AOT_hence (x (E!x & ¬E!x)  x (¬E!x & E!x))
4320    using "∀E"(1) "cqt:2[concrete]"[axiom_inst] by blast
4321  thus ?thesis using "thm-cont-e:1" "≡E" by blast
4322qed
4323
4324AOT_theorem "thm-cont-e:3": x E!x
4325proof (rule "CBF◇"[THEN "→E"])
4326  AOT_obtain a where (E!a & ¬E!a)
4327    using "∃E"[rotated, OF "thm-cont-e:1"[THEN "BF◇"[THEN "→E"]]] by blast
4328  AOT_hence E!a
4329    using "KBasic2:3"[THEN "→E", THEN "&E"(1)] by blast
4330  AOT_thus x E!x using "∃I" by fast
4331qed
4332
4333AOT_theorem "thm-cont-e:4": x ¬E!x
4334proof (rule "CBF◇"[THEN "→E"])
4335  AOT_obtain a where (E!a & ¬E!a)
4336    using "∃E"[rotated, OF "thm-cont-e:1"[THEN "BF◇"[THEN "→E"]]] by blast
4337  AOT_hence ¬E!a
4338    using "KBasic2:3"[THEN "→E", THEN "&E"(2)] by blast
4339  AOT_hence ¬E!a
4340    using "4◇"[THEN "→E"] by blast
4341  AOT_thus x ¬E!x using "∃I" by fast
4342qed
4343
4344AOT_theorem "thm-cont-e:5": Contingent([E!])
4345proof -
4346  AOT_have F (Contingent([F])  x [F]x & x ¬[F]x)
4347    using "thm-cont-prop:2" GEN by fast
4348  AOT_hence Contingent([E!])  x E!x & x ¬E!x
4349    using "∀E"(1) "cqt:2[concrete]"[axiom_inst] by blast
4350  thus ?thesis
4351    using "thm-cont-e:3" "thm-cont-e:4" "≡E"(2) "&I" by blast
4352qed
4353
4354AOT_theorem "thm-cont-e:6": Contingent([E!]-)
4355proof -
4356  AOT_have F (Contingent([«F::<κ>»])  Contingent([F]-))
4357    using "thm-cont-prop:3" GEN by fast
4358  AOT_hence Contingent([E!])  Contingent([E!]-)
4359    using "∀E" "cqt:2[concrete]"[axiom_inst] by fast
4360  thus ?thesis using "thm-cont-e:5" "≡E" by blast
4361qed
4362
4363AOT_theorem "thm-cont-e:7": FG (Contingent([«F::<κ>»]) & Contingent([G]) & F  G)
4364proof (rule "∃I")+
4365  AOT_have F [«F::<κ>»]  [F]- using "thm-relation-negation:5" GEN by fast
4366  AOT_hence [E!]  [E!]-
4367    using "∀E" "cqt:2[concrete]"[axiom_inst] by fast
4368  AOT_thus Contingent([E!]) & Contingent([E!]-) & [E!]  [E!]-
4369    using "thm-cont-e:5" "thm-cont-e:6" "&I" by metis
4370next
4371  AOT_show E!-
4372    by (fact AOT)
4373next
4374  AOT_show E! by (fact "cqt:2[concrete]"[axiom_inst])
4375qed
4376
4377AOT_theorem "property-facts:1": NonContingent([F])  ¬G (Contingent([G]) & G = F)
4378proof (rule "→I"; rule "raa-cor:2")
4379  AOT_assume NonContingent([F])
4380  AOT_hence 1: Necessary([F])  Impossible([F])
4381    using "contingent-properties:3"[THEN "≡dfE"] by blast
4382  AOT_assume G (Contingent([G]) & G = F)
4383  then AOT_obtain G where Contingent([G]) & G = F using "∃E"[rotated] by blast
4384  AOT_hence Contingent([F]) using "rule=E" "&E" by blast
4385  AOT_hence ¬(Necessary([F])  Impossible([F]))
4386    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)] by blast
4387  AOT_thus (Necessary([F])  Impossible([F])) & ¬(Necessary([F])  Impossible([F]))
4388    using 1 "&I" by blast
4389qed
4390
4391AOT_theorem "property-facts:2": Contingent([F])  ¬G (NonContingent([G]) & G = F)
4392proof (rule "→I"; rule "raa-cor:2")
4393  AOT_assume Contingent([F])
4394  AOT_hence 1: ¬(Necessary([F])  Impossible([F]))
4395    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)] by blast
4396  AOT_assume G (NonContingent([G]) & G = F)
4397  then AOT_obtain G where NonContingent([G]) & G = F using "∃E"[rotated] by blast
4398  AOT_hence NonContingent([F]) using "rule=E" "&E" by blast
4399  AOT_hence Necessary([F])  Impossible([F])
4400    using "contingent-properties:3"[THEN "≡dfE"] by blast
4401  AOT_thus (Necessary([F])  Impossible([F])) & ¬(Necessary([F])  Impossible([F]))
4402    using 1 "&I" by blast
4403qed
4404
4405AOT_theorem "property-facts:3": L  [L]- & L  E! & L  E!- & [L]-  [E!]- & E!  [E!]-
4406proof -
4407  AOT_have noneqI: Π  Π' if φ{Π} and ¬φ{Π'} for φ and Π Π' :: <κ>
4408    apply (rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
4409    using "rule=E"[where φ=φ and τ=Π and σ = Π'] that "&I" by blast
4410  AOT_have contingent_denotes: Π if Contingent([Π]) for Π :: <κ>
4411    using that "contingent-properties:4"[THEN "≡dfE", THEN "&E"(1)] by blast
4412  AOT_have not_noncontingent_if_contingent: ¬NonContingent([Π]) if Contingent([Π]) for Π :: <κ>
4413  proof(rule RAA(2))
4414    AOT_show ¬(Necessary([Π])  Impossible([Π]))
4415      using that "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1), OF contingent_denotes[OF that], THEN "≡E"(1)] by blast
4416  next
4417    AOT_assume NonContingent([Π])
4418    AOT_thus Necessary([Π])  Impossible([Π])
4419      using "contingent-properties:3"[THEN "≡dfE"] by blast
4420  qed
4421
4422  show ?thesis
4423  proof (safe intro!: "&I")
4424    AOT_show L  [L]-
4425      apply (rule "=dfI"(2)[OF L_def])
4426       apply "cqt:2[lambda]"
4427      apply (rule "∀E"(1)[where φ="λ Π . «Π  [Π]-»"])
4428       apply (rule GEN) apply (fact AOT)
4429      by "cqt:2[lambda]"
4430  next
4431    AOT_show L  E!
4432      apply (rule noneqI)
4433      using "thm-noncont-e-e:3" not_noncontingent_if_contingent[OF "thm-cont-e:5"]
4434      by auto
4435  next
4436    AOT_show L  E!-
4437      apply (rule noneqI)
4438      using "thm-noncont-e-e:3" apply fast
4439      apply (rule not_noncontingent_if_contingent)
4440      apply (rule "∀E"(1)[where φ="λ Π . «Contingent([Π])  Contingent([Π]-)»", rotated, OF contingent_denotes, THEN "≡E"(1), rotated])
4441      using "thm-cont-prop:3" GEN apply fast
4442      using "thm-cont-e:5" by fast+
4443  next
4444    AOT_show [L]-  E!-
4445      apply (rule noneqI)
4446      using "thm-noncont-e-e:4" apply fast
4447      apply (rule not_noncontingent_if_contingent)
4448      apply (rule "∀E"(1)[where φ="λ Π . «Contingent([Π])  Contingent([Π]-)»", rotated, OF contingent_denotes, THEN "≡E"(1), rotated])
4449      using "thm-cont-prop:3" GEN apply fast
4450      using "thm-cont-e:5" by fast+
4451  next
4452    AOT_show E!  E!-
4453      apply (rule "=dfI"(2)[OF L_def])
4454       apply "cqt:2[lambda]"
4455      apply (rule "∀E"(1)[where φ="λ Π . «Π  [Π]-»"])
4456       apply (rule GEN) apply (fact AOT)
4457      by (fact "cqt:2[concrete]"[axiom_inst])
4458  qed
4459qed
4460
4461AOT_theorem "thm-cont-propos:1": NonContingent0(p)  NonContingent0(((p)-))
4462proof(rule "≡I"; rule "→I")
4463  AOT_assume NonContingent0(p)
4464  AOT_hence Necessary0(p)  Impossible0(p)
4465    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
4466  moreover {
4467    AOT_assume Necessary0(p)
4468    AOT_hence 1: p using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
4469    AOT_have ¬((p)-)
4470      by (AOT_subst "«¬((p)-)»" "AOT_term_of_var p")
4471         (auto simp add: 1 "thm-relation-negation:4")
4472    AOT_hence Impossible0(((p)-))
4473      by (rule "contingent-properties:2[zero]"[THEN "≡dfI"])
4474  }
4475  moreover {
4476    AOT_assume Impossible0(p)
4477    AOT_hence 1: ¬p
4478      by (rule "contingent-properties:2[zero]"[THEN "≡dfE"])
4479    AOT_have ((p)-)
4480      by (AOT_subst "«((p)-)»" "«¬p»") 
4481         (auto simp: 1 "thm-relation-negation:3")
4482    AOT_hence Necessary0(((p)-))
4483      by (rule "contingent-properties:1[zero]"[THEN "≡dfI"])
4484  }
4485  ultimately AOT_have Necessary0(((p)-))  Impossible0(((p)-))
4486    using "∨E"(1) "∨I" "→I" by metis
4487  AOT_thus NonContingent0(((p)-))
4488    using "contingent-properties:3[zero]"[THEN "≡dfI"] by blast
4489next
4490  AOT_assume NonContingent0(((p)-))
4491  AOT_hence Necessary0(((p)-))  Impossible0(((p)-))
4492    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
4493  moreover {
4494    AOT_assume Impossible0(((p)-))
4495    AOT_hence 1: ¬((p)-)
4496      by (rule "contingent-properties:2[zero]"[THEN "≡dfE"])
4497    AOT_have p
4498      by (AOT_subst_rev "«¬((p)-)»" "AOT_term_of_var p")
4499         (auto simp: 1 "thm-relation-negation:4")
4500    AOT_hence Necessary0(p)
4501      using "contingent-properties:1[zero]"[THEN "≡dfI"] by blast
4502  }
4503  moreover {
4504    AOT_assume Necessary0(((p)-))
4505    AOT_hence 1: ((p)-)
4506      by (rule "contingent-properties:1[zero]"[THEN "≡dfE"])
4507    AOT_have ¬p
4508      by (AOT_subst_rev "«((p)-)»" "«¬p»")
4509         (auto simp: 1 "thm-relation-negation:3")
4510    AOT_hence Impossible0(p)
4511      by (rule "contingent-properties:2[zero]"[THEN "≡dfI"])
4512  }
4513  ultimately AOT_have Necessary0(p)  Impossible0(p)
4514    using "∨E"(1) "∨I" "→I" by metis
4515  AOT_thus NonContingent0(p)
4516    using "contingent-properties:3[zero]"[THEN "≡dfI"] by blast
4517qed
4518
4519AOT_theorem "thm-cont-propos:2": Contingent0(φ)  φ & ¬φ
4520proof -
4521  AOT_have Contingent0(φ)  ¬(Necessary0(φ)  Impossible0(φ))
4522    using "contingent-properties:4[zero]"[THEN "≡Df"] by simp
4523  also AOT_have   ¬Necessary0(φ) & ¬Impossible0(φ)
4524    by (fact AOT)
4525  also AOT_have   ¬Impossible0(φ) & ¬Necessary0(φ)
4526    by (fact AOT)
4527  also AOT_have   φ & ¬φ
4528    apply (AOT_subst "«φ»" "«¬¬φ»")
4529     apply (simp add: "conventions:5" "≡Df")
4530    apply (AOT_subst "«Impossible0(φ)»" "«¬φ»")
4531     apply (simp add: "contingent-properties:2[zero]" "≡Df")
4532    apply (AOT_subst_rev "«¬φ»" "«¬φ»")
4533     apply (simp add: "KBasic:11")
4534    apply (AOT_subst "«Necessary0(φ)»" "«φ»")
4535     apply (simp add: "contingent-properties:1[zero]" "≡Df")
4536    by (simp add: "oth-class-taut:3:a")
4537  finally show ?thesis.
4538qed
4539
4540AOT_theorem "thm-cont-propos:3": Contingent0(p)  Contingent0(((p)-))
4541proof -
4542  AOT_have Contingent0(p)  p & ¬p using "thm-cont-propos:2".
4543  also AOT_have   ¬p & p by (fact AOT)
4544  also AOT_have   ((p)-) & p
4545    by (AOT_subst "«((p)-)»" "«¬p»")
4546       (auto simp: "thm-relation-negation:3" "oth-class-taut:3:a")
4547  also AOT_have   ((p)-) & ¬((p)-)
4548    by (AOT_subst "«¬((p)-)»" "AOT_term_of_var p")
4549       (auto simp: "thm-relation-negation:4" "oth-class-taut:3:a")
4550  also AOT_have   Contingent0(((p)-))
4551    using "thm-cont-propos:2"[symmetric] by blast
4552  finally show ?thesis.
4553qed
4554
4555AOT_define noncontingent_prop :: ‹φ› ("p0")
4556  p0_def: "(p0) =df (x (E!x  E!x))"
4557
4558AOT_theorem "thm-noncont-propos:1":  Necessary0((p0))
4559proof(rule "contingent-properties:1[zero]"[THEN "≡dfI"])
4560  AOT_show (p0)
4561    apply (rule "=dfI"(2)[OF p0_def])
4562    using "log-prop-prop:2" apply simp
4563    using "if-p-then-p" RN GEN by fast
4564qed
4565
4566AOT_theorem "thm-noncont-propos:2": Impossible0(((p0)-))
4567proof(rule "contingent-properties:2[zero]"[THEN "≡dfI"])
4568  AOT_show ¬((p0)-)
4569    apply (AOT_subst "«((p0)-)»" "«¬p0»")
4570    using "thm-relation-negation:3" GEN "∀E"(1)[rotated, OF "log-prop-prop:2"] apply fast
4571    apply (AOT_subst_rev "«p0»" "«¬¬p0»" )
4572     apply (simp add: "oth-class-taut:3:b")
4573    apply (rule "=dfI"(2)[OF p0_def])
4574    using "log-prop-prop:2" apply simp
4575    using "if-p-then-p" RN GEN by fast
4576qed
4577
4578AOT_theorem "thm-noncont-propos:3": NonContingent0((p0))
4579  apply(rule "contingent-properties:3[zero]"[THEN "≡dfI"])
4580  using "thm-noncont-propos:1" "∨I" by blast
4581
4582AOT_theorem "thm-noncont-propos:4": NonContingent0(((p0)-))
4583  apply(rule "contingent-properties:3[zero]"[THEN "≡dfI"])
4584  using "thm-noncont-propos:2" "∨I" by blast
4585
4586AOT_theorem "thm-noncont-propos:5": pq (NonContingent0((p)) & NonContingent0((q)) & p  q)
4587proof(rule "∃I")+
4588  AOT_have 0: φ  (φ)- for φ
4589    using "thm-relation-negation:6" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
4590  AOT_thus NonContingent0((p0)) & NonContingent0(((p0)-)) & (p0)  (p0)-
4591    using "thm-noncont-propos:3" "thm-noncont-propos:4" "&I" by auto
4592qed(auto simp: "log-prop-prop:2")
4593
4594AOT_act_theorem "no-cnac": ¬x(E!x & ¬𝒜E!x)
4595proof(rule "raa-cor:2")
4596  AOT_assume x(E!x & ¬𝒜E!x)
4597  then AOT_obtain a where a: E!a & ¬𝒜E!a
4598    using "∃E"[rotated] by blast
4599  AOT_hence 𝒜¬E!a using "&E" "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
4600  AOT_hence ¬E!a using "logic-actual"[act_axiom_inst, THEN "→E"] by blast
4601  AOT_hence E!a & ¬E!a using a "&E" "&I" by blast
4602  AOT_thus p & ¬p for p using "raa-cor:1" by blast
4603qed
4604
4605AOT_theorem "pos-not-pna:1": ¬𝒜x (E!x & ¬𝒜E!x)
4606proof(rule "raa-cor:2")
4607  AOT_assume 𝒜x (E!x & ¬𝒜E!x)
4608  AOT_hence x 𝒜(E!x & ¬𝒜E!x)
4609    using "Act-Basic:10"[THEN "≡E"(1)] by blast
4610  then AOT_obtain a where 𝒜(E!a & ¬𝒜E!a) using "∃E"[rotated] by blast
4611  AOT_hence 1: 𝒜E!a & 𝒜¬𝒜E!a using "Act-Basic:2"[THEN "≡E"(1)] by blast
4612  AOT_hence ¬𝒜𝒜E!a using "&E"(2) "logic-actual-nec:1"[axiom_inst, THEN "≡E"(1)] by blast
4613  AOT_hence ¬𝒜E!a using "logic-actual-nec:4"[axiom_inst, THEN "≡E"(1)] RAA by blast
4614  AOT_thus p & ¬p for p using 1[THEN "&E"(1)] "&I" "raa-cor:1" by blast
4615qed
4616
4617AOT_theorem "pos-not-pna:2": ¬x(E!x & ¬𝒜E!x)
4618proof (rule RAA(1))
4619  AOT_show ¬𝒜x (E!x & ¬𝒜E!x) using "pos-not-pna:1" by blast
4620next
4621  AOT_assume ¬¬x (E!x & ¬𝒜E!x)
4622  AOT_hence x (E!x & ¬𝒜E!x)
4623    using "KBasic:12"[THEN "≡E"(2)] by blast
4624  AOT_thus 𝒜x (E!x & ¬𝒜E!x)
4625    using "nec-imp-act"[THEN "→E"] by blast
4626qed
4627
4628AOT_theorem "pos-not-pna:3": x (E!x & ¬𝒜E!x)
4629proof -
4630  AOT_obtain a where (E!a & ¬𝒜E!a)
4631    using "qml:4"[axiom_inst] "BF◇"[THEN "→E"] "∃E"[rotated] by blast
4632  AOT_hence θ: E!a and ξ: ¬𝒜E!a using "KBasic2:3"[THEN "→E"] "&E" by blast+
4633  AOT_have ¬𝒜E!a using ξ "KBasic:11"[THEN "≡E"(2)] by blast
4634  AOT_hence ¬𝒜E!a using "Act-Basic:6"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)] by blast
4635  AOT_hence E!a & ¬𝒜E!a using θ "&I" by blast
4636  thus ?thesis using "∃I" by fast
4637qed
4638
4639AOT_define contingent_prop :: φ ("q0")
4640  q0_def: (q0) =df (x (E!x & ¬𝒜E!x))
4641
4642AOT_theorem q0_prop: q0 & ¬q0
4643  apply (rule "=dfI"(2)[OF q0_def])
4644  apply (fact "log-prop-prop:2")
4645  apply (rule "&I")
4646   apply (fact "qml:4"[axiom_inst])
4647  by (fact "pos-not-pna:2")
4648
4649AOT_theorem "basic-prop:1": Contingent0((q0))
4650proof(rule "contingent-properties:4[zero]"[THEN "≡dfI"])
4651  AOT_have ¬Necessary0((q0)) & ¬Impossible0((q0))
4652  proof (rule "&I"; rule "=dfI"(2)[OF q0_def]; (rule "log-prop-prop:2" | rule "raa-cor:2"))
4653    AOT_assume Necessary0(x (E!x & ¬𝒜E!x))
4654    AOT_hence x (E!x & ¬𝒜E!x)
4655      using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
4656    AOT_hence 𝒜x (E!x & ¬𝒜E!x)
4657      using "Act-Basic:8"[THEN "→E"] "qml:2"[axiom_inst, THEN "→E"] by blast
4658    AOT_thus 𝒜x (E!x & ¬𝒜E!x) & ¬𝒜x (E!x & ¬𝒜E!x)
4659      using "pos-not-pna:1" "&I" by blast
4660  next
4661    AOT_assume Impossible0(x (E!x & ¬𝒜E!x))
4662    AOT_hence ¬(x (E!x & ¬𝒜E!x))
4663      using "contingent-properties:2[zero]"[THEN "≡dfE"] by blast
4664    AOT_hence ¬(x (E!x & ¬𝒜E!x)) using "KBasic2:1"[THEN "≡E"(1)] by blast
4665    AOT_thus (x (E!x & ¬𝒜E!x)) & ¬(x (E!x & ¬𝒜E!x))
4666      using "qml:4"[axiom_inst] "&I" by blast
4667  qed
4668  AOT_thus ¬(Necessary0((q0))  Impossible0((q0)))
4669    using "oth-class-taut:5:d" "≡E"(2) by blast
4670qed
4671
4672AOT_theorem "basic-prop:2": p Contingent0((p))
4673  using "∃I"(1)[rotated, OF "log-prop-prop:2"] "basic-prop:1" by blast
4674
4675AOT_theorem "basic-prop:3": Contingent0(((q0)-))
4676  apply (AOT_subst "«(q0)-»" "«¬q0»")
4677   apply (insert "thm-relation-negation:3" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"]; fast)
4678  apply (rule "contingent-properties:4[zero]"[THEN "≡dfI"])
4679  apply (rule "oth-class-taut:5:d"[THEN "≡E"(2)])
4680  apply (rule "&I")
4681   apply (rule "contingent-properties:1[zero]"[THEN "df-rules-formulas[3]", THEN "useful-tautologies:5"[THEN "→E"], THEN "→E"])
4682   apply (rule "conventions:5"[THEN "≡dfE"])
4683   apply (rule "=dfE"(2)[OF q0_def])
4684    apply (rule "log-prop-prop:2")
4685   apply (rule q0_prop[THEN "&E"(1)])
4686  apply (rule "contingent-properties:2[zero]"[THEN "df-rules-formulas[3]", THEN "useful-tautologies:5"[THEN "→E"], THEN "→E"])
4687  apply (rule "conventions:5"[THEN "≡dfE"])
4688  by (rule q0_prop[THEN "&E"(2)])
4689
4690AOT_theorem "basic-prop:4": pq (p  q & Contingent0(p) & Contingent0(q))
4691proof(rule "∃I")+
4692  AOT_have 0: φ  (φ)- for φ
4693    using "thm-relation-negation:6" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
4694  AOT_show (q0)  (q0)- & Contingent0(q0) & Contingent0(((q0)-))
4695    using "basic-prop:1" "basic-prop:3" "&I" 0 by presburger
4696qed(auto simp: "log-prop-prop:2")
4697
4698AOT_theorem "proposition-facts:1": NonContingent0(p)  ¬q (Contingent0(q) & q = p)
4699proof(rule "→I"; rule "raa-cor:2")
4700  AOT_assume NonContingent0(p)
4701  AOT_hence 1: Necessary0(p)  Impossible0(p)
4702    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
4703  AOT_assume q (Contingent0(q) & q = p)
4704  then AOT_obtain q where Contingent0(q) & q = p using "∃E"[rotated] by blast
4705  AOT_hence Contingent0(p) using "rule=E" "&E" by fast
4706  AOT_thus (Necessary0(p)  Impossible0(p)) & ¬(Necessary0(p)  Impossible0(p))
4707    using "contingent-properties:4[zero]"[THEN "≡dfE"] 1 "&I" by blast
4708qed
4709
4710AOT_theorem "proposition-facts:2": Contingent0(p)  ¬q (NonContingent0(q) & q = p)
4711proof(rule "→I"; rule "raa-cor:2")
4712  AOT_assume Contingent0(p)
4713  AOT_hence 1: ¬(Necessary0(p)  Impossible0(p))
4714    using "contingent-properties:4[zero]"[THEN "≡dfE"] by blast
4715  AOT_assume q (NonContingent0(q) & q = p)
4716  then AOT_obtain q where NonContingent0(q) & q = p using "∃E"[rotated] by blast
4717  AOT_hence NonContingent0(p) using "rule=E" "&E" by fast
4718  AOT_thus (Necessary0(p)  Impossible0(p)) & ¬(Necessary0(p)  Impossible0(p))
4719    using "contingent-properties:3[zero]"[THEN "≡dfE"] 1 "&I" by blast
4720qed
4721
4722AOT_theorem "proposition-facts:3": (p0)  (p0)- & (p0)  (q0) & (p0)  (q0)- & (p0)-  (q0)- & (q0)  (q0)-
4723proof -
4724  {
4725    fix χ φ ψ
4726    AOT_assume χ{φ}
4727    moreover AOT_assume ¬χ{ψ}
4728    ultimately AOT_have ¬(χ{φ}  χ{ψ})
4729      using RAA "≡E" by metis
4730    moreover {
4731      AOT_have pq ((¬(χ{p}  χ{q}))  p  q)
4732        by (rule "∀I"; rule "∀I"; rule "pos-not-equiv-ne:4[zero]")
4733      AOT_hence ((¬(χ{φ}  χ{ψ}))  φ  ψ)
4734        using "∀E" "log-prop-prop:2" by blast
4735    }
4736    ultimately AOT_have φ  ψ
4737      using "→E" by blast
4738  } note 0 = this
4739  AOT_have contingent_neg: Contingent0(φ)  Contingent0(((φ)-)) for φ
4740    using "thm-cont-propos:3" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
4741  AOT_have not_noncontingent_if_contingent: ¬NonContingent0(φ) if Contingent0(φ) for φ
4742    apply (rule "contingent-properties:3[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4743    using that "contingent-properties:4[zero]"[THEN "≡dfE"] by blast
4744  show ?thesis
4745    apply (rule "&I")+
4746    using "thm-relation-negation:6" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] apply fast
4747       apply (rule 0)
4748    using "thm-noncont-propos:3" apply fast
4749       apply (rule not_noncontingent_if_contingent)
4750       apply (fact AOT)
4751      apply (rule 0)
4752    apply (rule "thm-noncont-propos:3")
4753      apply (rule not_noncontingent_if_contingent)
4754      apply (rule contingent_neg[THEN "≡E"(1)])
4755      apply (fact AOT)
4756     apply (rule 0)
4757    apply (rule "thm-noncont-propos:4")
4758      apply (rule not_noncontingent_if_contingent)
4759      apply (rule contingent_neg[THEN "≡E"(1)])
4760     apply (fact AOT)
4761    using "thm-relation-negation:6" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
4762qed
4763
4764AOT_define ContingentlyTrue :: ‹φ  φ› ("ContingentlyTrue'(_')")
4765  "cont-tf:1": ContingentlyTrue(p) df p & ¬p
4766
4767AOT_define ContingentlyFalse :: ‹φ  φ› ("ContingentlyFalse'(_')")
4768  "cont-tf:2": ContingentlyFalse(p) df ¬p & p
4769
4770AOT_theorem "cont-true-cont:1": ContingentlyTrue((p))  Contingent0((p))
4771proof(rule "→I")
4772  AOT_assume ContingentlyTrue((p))
4773  AOT_hence 1: p and 2: ¬p using "cont-tf:1"[THEN "≡dfE"] "&E" by blast+
4774  AOT_have ¬Necessary0((p))
4775    apply (rule "contingent-properties:1[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4776    using 2 "KBasic:11"[THEN "≡E"(2)] by blast
4777  moreover AOT_have ¬Impossible0((p))
4778    apply (rule "contingent-properties:2[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4779    apply (rule "conventions:5"[THEN "≡dfE"])
4780    using "T◇"[THEN "→E", OF 1].
4781  ultimately AOT_have ¬(Necessary0((p))  Impossible0((p)))
4782    using DeMorgan(2)[THEN "≡E"(2)] "&I" by blast
4783  AOT_thus Contingent0((p))
4784    using "contingent-properties:4[zero]"[THEN "≡dfI"] by blast
4785qed
4786
4787AOT_theorem "cont-true-cont:2": ContingentlyFalse((p))  Contingent0((p))
4788proof(rule "→I")
4789  AOT_assume ContingentlyFalse((p))
4790  AOT_hence 1: ¬p and 2: p using "cont-tf:2"[THEN "≡dfE"] "&E" by blast+
4791  AOT_have ¬Necessary0((p))
4792    apply (rule "contingent-properties:1[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4793    using "KBasic:11"[THEN "≡E"(2)] "T◇"[THEN "→E", OF 1] by blast
4794  moreover AOT_have ¬Impossible0((p))
4795    apply (rule "contingent-properties:2[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4796    apply (rule "conventions:5"[THEN "≡dfE"])
4797    using 2.
4798  ultimately AOT_have ¬(Necessary0((p))  Impossible0((p)))
4799    using DeMorgan(2)[THEN "≡E"(2)] "&I" by blast
4800  AOT_thus Contingent0((p))
4801    using "contingent-properties:4[zero]"[THEN "≡dfI"] by blast
4802qed
4803
4804AOT_theorem "cont-true-cont:3": ContingentlyTrue((p))  ContingentlyFalse(((p)-))
4805proof(rule "≡I"; rule "→I")
4806  AOT_assume ContingentlyTrue((p))
4807  AOT_hence 0: p & ¬p using "cont-tf:1"[THEN "≡dfE"] by blast
4808  AOT_have 1: ContingentlyFalse(¬p)
4809    apply (rule "cont-tf:2"[THEN "≡dfI"])
4810    apply (AOT_subst_rev "AOT_term_of_var p" "«¬¬p»")
4811    by (auto simp: "oth-class-taut:3:b" 0)
4812  AOT_show ContingentlyFalse(((p)-))
4813    apply (AOT_subst "«(p)-»" "«¬p»")
4814    by (auto simp: "thm-relation-negation:3" 1)
4815next
4816  AOT_assume 1: ContingentlyFalse(((p)-))
4817  AOT_have ContingentlyFalse(¬p)
4818    by (AOT_subst_rev "«(p)-»" "«¬p»")
4819       (auto simp: "thm-relation-negation:3" 1)
4820  AOT_hence ¬¬p & ¬p using "cont-tf:2"[THEN "≡dfE"] by blast
4821  AOT_hence p & ¬p
4822    using "&I" "&E" "useful-tautologies:1"[THEN "→E"] by metis
4823  AOT_thus ContingentlyTrue((p))
4824    using "cont-tf:1"[THEN "≡dfI"] by blast
4825qed
4826
4827AOT_theorem "cont-true-cont:4": ContingentlyFalse((p))  ContingentlyTrue(((p)-))
4828proof(rule "≡I"; rule "→I")
4829  AOT_assume ContingentlyFalse(p)
4830  AOT_hence 0: ¬p & p
4831    using "cont-tf:2"[THEN "≡dfE"] by blast
4832  AOT_have ¬p & ¬¬p
4833    by (AOT_subst_rev "AOT_term_of_var p" "«¬¬p»")
4834       (auto simp: "oth-class-taut:3:b" 0)
4835  AOT_hence 1: ContingentlyTrue(¬p)
4836    by (rule "cont-tf:1"[THEN "≡dfI"])
4837  AOT_show ContingentlyTrue(((p)-))
4838    by (AOT_subst "«(p)-»" "«¬p»")
4839       (auto simp: "thm-relation-negation:3" 1)
4840next
4841  AOT_assume 1: ContingentlyTrue(((p)-))
4842  AOT_have ContingentlyTrue(¬p)
4843    by (AOT_subst_rev "«(p)-»" "«¬p»")
4844       (auto simp add: "thm-relation-negation:3" 1)
4845  AOT_hence 2: ¬p & ¬¬p using "cont-tf:1"[THEN "≡dfE"] by blast
4846  AOT_have p
4847    by (AOT_subst "AOT_term_of_var p" "«¬¬p»")
4848       (auto simp add: "oth-class-taut:3:b" 2[THEN "&E"(2)])
4849  AOT_hence ¬p & p using 2[THEN "&E"(1)] "&I" by blast
4850  AOT_thus ContingentlyFalse(p)
4851    by (rule "cont-tf:2"[THEN "≡dfI"])
4852qed
4853
4854AOT_theorem "cont-true-cont:5": (ContingentlyTrue((p)) & Necessary0((q)))  p  q
4855proof (rule "→I"; frule "&E"(1); drule "&E"(2); rule "raa-cor:1")
4856  AOT_assume ContingentlyTrue((p))
4857  AOT_hence ¬p
4858    using "cont-tf:1"[THEN "≡dfE"] "&E" by blast
4859  AOT_hence 0: ¬p using "KBasic:11"[THEN "≡E"(2)] by blast
4860  AOT_assume Necessary0((q))
4861  moreover AOT_assume ¬(p  q)
4862  AOT_hence p = q
4863    using "=-infix"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)]
4864          "useful-tautologies:1"[THEN "→E"] by blast
4865  ultimately AOT_have Necessary0((p)) using "rule=E" id_sym by blast
4866  AOT_hence p
4867    using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
4868  AOT_thus p & ¬p using 0 "&I" by blast
4869qed
4870
4871AOT_theorem "cont-true-cont:6": (ContingentlyFalse((p)) & Impossible0((q)))  p  q
4872proof (rule "→I"; frule "&E"(1); drule "&E"(2); rule "raa-cor:1")
4873  AOT_assume ContingentlyFalse((p))
4874  AOT_hence p
4875    using "cont-tf:2"[THEN "≡dfE"] "&E" by blast
4876  AOT_hence 1: ¬¬p
4877    using "conventions:5"[THEN "≡dfE"] by blast
4878  AOT_assume Impossible0((q))
4879  moreover AOT_assume ¬(p  q)
4880  AOT_hence p = q
4881    using "=-infix"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)]
4882          "useful-tautologies:1"[THEN "→E"] by blast
4883  ultimately AOT_have Impossible0((p)) using "rule=E" id_sym by blast
4884  AOT_hence ¬p
4885    using "contingent-properties:2[zero]"[THEN "≡dfE"] by blast
4886  AOT_thus ¬p & ¬¬p using 1 "&I" by blast
4887qed
4888
4889AOT_act_theorem "q0cf:1": ContingentlyFalse(q0)
4890  apply (rule "cont-tf:2"[THEN "≡dfI"])
4891  apply (rule "=dfI"(2)[OF q0_def])
4892   apply (fact "log-prop-prop:2")
4893  apply (rule "&I")
4894   apply (fact "no-cnac")
4895  by (fact "qml:4"[axiom_inst])
4896
4897AOT_act_theorem "q0cf:2": ContingentlyTrue(((q0)-))
4898  apply (rule "cont-tf:1"[THEN "≡dfI"])
4899  apply (rule "=dfI"(2)[OF q0_def])
4900   apply (fact "log-prop-prop:2")
4901  apply (rule "&I")
4902     apply (rule "thm-relation-negation:3"[unvarify p, OF "log-prop-prop:2", THEN "≡E"(2)])
4903     apply (fact "no-cnac")
4904    apply (rule "rule=E"[rotated, OF "thm-relation-negation:7"[unvarify p, OF "log-prop-prop:2", THEN id_sym]])
4905  apply (AOT_subst_rev "«x (E!x & ¬𝒜E!x)»" "«¬¬(x  (E!x & ¬𝒜E!x))»")
4906  by (auto simp: "oth-class-taut:3:b" "qml:4"[axiom_inst])
4907
4908(* TODO: q0cf-rem skipped for now *)
4909
4910AOT_theorem "cont-tf-thm:1": p ContingentlyTrue((p))
4911proof(rule "∨E"(1)[OF "exc-mid"]; rule "→I"; rule "∃I")
4912  AOT_assume q0
4913  AOT_hence q0 & ¬q0 using q0_prop[THEN "&E"(2)] "&I" by blast
4914  AOT_thus ContingentlyTrue(q0)
4915    by (rule "cont-tf:1"[THEN "≡dfI"])
4916next
4917  AOT_assume ¬q0
4918  AOT_hence ¬q0 & q0 using q0_prop[THEN "&E"(1)] "&I" by blast
4919  AOT_hence ContingentlyFalse(q0)
4920    by (rule "cont-tf:2"[THEN "≡dfI"])
4921  AOT_thus ContingentlyTrue(((q0)-))
4922    by (rule "cont-true-cont:4"[unvarify p, OF "log-prop-prop:2", THEN "≡E"(1)])
4923qed(auto simp: "log-prop-prop:2")
4924
4925
4926AOT_theorem "cont-tf-thm:2": p ContingentlyFalse((p))
4927proof(rule "∨E"(1)[OF "exc-mid"]; rule "→I"; rule "∃I")
4928  AOT_assume q0
4929  AOT_hence q0 & ¬q0 using q0_prop[THEN "&E"(2)] "&I" by blast
4930  AOT_hence ContingentlyTrue(q0)
4931    by (rule "cont-tf:1"[THEN "≡dfI"])
4932  AOT_thus ContingentlyFalse(((q0)-))
4933    by (rule "cont-true-cont:3"[unvarify p, OF "log-prop-prop:2", THEN "≡E"(1)])
4934next
4935  AOT_assume ¬q0
4936  AOT_hence ¬q0 & q0 using q0_prop[THEN "&E"(1)] "&I" by blast
4937  AOT_thus ContingentlyFalse(q0)
4938    by (rule "cont-tf:2"[THEN "≡dfI"])
4939qed(auto simp: "log-prop-prop:2")
4940
4941(* TODO: inspect modally strict subproof involving obtained variable *)
4942AOT_theorem "property-facts1:1": Fx ([F]x & ¬[F]x)
4943proof -
4944  fix x
4945  AOT_obtain p1 where ContingentlyTrue((p1))
4946    using "cont-tf-thm:1" "∃E"[rotated] by blast
4947  AOT_hence 1: p1 & ¬p1 using "cont-tf:1"[THEN "≡dfE"] by blast
4948  AOT_modally_strict {
4949    AOT_have for arbitrary p:  (z p]x  p)
4950      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
4951    AOT_hence for arbitrary p:   (z p]x  p)
4952      by (rule RN)
4953    AOT_hence p (z p]x  p) using GEN by fast
4954    AOT_hence (z p1]x  p1) using "∀E" by fast
4955  } note 2 = this
4956  AOT_hence (z p1]x  p1) using "∀E" by blast
4957  AOT_hence z p1]x using 1[THEN "&E"(1)] "qml:2"[axiom_inst, THEN "→E"] "≡E"(2) by blast
4958  moreover AOT_have ¬z p1]x
4959    apply (AOT_subst_using subst: 2[THEN "qml:2"[axiom_inst, THEN "→E"]])
4960    using 1[THEN "&E"(2)] by blast
4961  ultimately AOT_have z p1]x & ¬z p1]x using "&I" by blast
4962  AOT_hence x (z p1]x & ¬z p1]x) using "∃I"(2) by fast
4963  moreover AOT_have z p1] by "cqt:2[lambda]"
4964  ultimately AOT_show Fx ([F]x & ¬[F]x) by (rule "∃I"(1))
4965qed
4966
4967(* TODO: inspect modally strict subproof involving obtained variable *)
4968AOT_theorem "property-facts1:2": Fx (¬[F]x & [F]x)
4969proof -
4970  fix x
4971  AOT_obtain p1 where ContingentlyFalse((p1))
4972    using "cont-tf-thm:2" "∃E"[rotated] by blast
4973  AOT_hence 1: ¬p1 & p1 using "cont-tf:2"[THEN "≡dfE"] by blast
4974  AOT_modally_strict {
4975    AOT_have for arbitrary p:  (z p]x  p)
4976      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
4977    AOT_hence for arbitrary p:  (¬z p]x  ¬p)
4978      using "oth-class-taut:4:b" "≡E" by blast
4979    AOT_hence for arbitrary p:  (¬z p]x  ¬p)
4980      by (rule RN)
4981    AOT_hence p (¬z p]x  ¬p) using GEN by fast
4982    AOT_hence (¬z p1]x  ¬p1) using "∀E" by fast
4983  } note 2 = this
4984  AOT_hence (¬z p1]x  ¬p1) using "∀E" by blast
4985  AOT_hence 3: ¬z p1]x using 1[THEN "&E"(1)] "qml:2"[axiom_inst, THEN "→E"] "≡E"(2) by blast
4986  AOT_modally_strict {
4987    AOT_have for arbitrary p:  (z p]x  p)
4988      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
4989    AOT_hence for arbitrary p:  (z p]x  p)
4990      by (rule RN)
4991    AOT_hence p (z p]x  p) using GEN by fast
4992    AOT_hence (z p1]x  p1) using "∀E" by fast
4993  } note 4 = this
4994  AOT_have z p1]x
4995    apply (AOT_subst_using subst: 4[THEN "qml:2"[axiom_inst, THEN "→E"]])
4996    using 1[THEN "&E"(2)] by blast
4997  AOT_hence ¬z p1]x & z p1]x using 3 "&I" by blast
4998  AOT_hence x (¬z p1]x & z p1]x) using "∃I"(2) by fast
4999  moreover AOT_have z p1] by "cqt:2[lambda]"
5000  ultimately AOT_show Fx (¬[F]x & [F]x) by (rule "∃I"(1))
5001qed
5002
5003context
5004begin
5005
5006private AOT_lemma eqnotnec_123_Aux_ζ: [L]x  (E!x  E!x)
5007    apply (rule "=dfI"(2)[OF L_def])
5008     apply "cqt:2[lambda]"
5009    apply (rule "beta-C-meta"[THEN "→E"])
5010  by "cqt:2[lambda]"
5011
5012private AOT_lemma eqnotnec_123_Aux_ω: z φ]x  φ
5013    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5014
5015private AOT_lemma eqnotnec_123_Aux_θ: φ  x([L]x  z φ]x)
5016proof(rule "≡I"; rule "→I"; (rule "∀I")?)
5017  fix x
5018  AOT_assume 1: φ
5019  AOT_have [L]x  (E!x  E!x) using eqnotnec_123_Aux_ζ.
5020  also AOT_have   φ
5021    using "if-p-then-p" 1 "≡I" "→I" by simp
5022  also AOT_have   z φ]x
5023    using "Commutativity of ≡"[THEN "≡E"(1)] eqnotnec_123_Aux_ω by blast
5024  finally AOT_show [L]x  z φ]x.
5025next
5026  fix x
5027  AOT_assume x([L]x  z φ]x)
5028  AOT_hence [L]x  z φ]x using "∀E" by blast
5029  also AOT_have   φ using eqnotnec_123_Aux_ω.
5030  finally AOT_have φ  [L]x using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5031  also AOT_have   E!x  E!x using eqnotnec_123_Aux_ζ.
5032  finally AOT_show φ using "≡E" "if-p-then-p" by fast
5033qed
5034private lemmas eqnotnec_123_Aux_ξ =  eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5035                      THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
5036                      THEN "RM◇"]
5037private lemmas eqnotnec_123_Aux_ξ' = eqnotnec_123_Aux_θ[THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)], THEN "RM◇"]
5038
5039AOT_theorem "eqnotnec:1": FG(x([F]x  [G]x) & ¬x([F]x  [G]x))
5040proof-
5041  AOT_obtain p1 where ContingentlyTrue(p1) using "cont-tf-thm:1" "∃E"[rotated] by blast
5042  AOT_hence p1 & ¬p1 using "cont-tf:1"[THEN "≡dfE"] by blast
5043  AOT_hence x ([L]x  z p1]x) & ¬x([L]x  z p1]x)
5044    apply - apply (rule "&I")
5045    using "&E" eqnotnec_123_Aux_θ[THEN "≡E"(1)] eqnotnec_123_Aux_ξ "→E" by fast+
5046  AOT_hence G (x([L]x  [G]x) & ¬x([L]x  [G]x))
5047    by (rule "∃I") "cqt:2[lambda]"
5048  AOT_thus FG (x([F]x  [G]x) & ¬x([F]x  [G]x))
5049    apply (rule "∃I")
5050    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5051qed
5052
5053AOT_theorem "eqnotnec:2": FG(¬x([F]x  [G]x) & x([F]x  [G]x))
5054proof-
5055  AOT_obtain p1 where ContingentlyFalse(p1) using "cont-tf-thm:2" "∃E"[rotated] by blast
5056  AOT_hence ¬p1 & p1 using "cont-tf:2"[THEN "≡dfE"] by blast
5057  AOT_hence ¬x ([L]x  z p1]x) & x([L]x  z p1]x)
5058    apply - apply (rule "&I")
5059    using "&E" eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)] eqnotnec_123_Aux_ξ' "→E" by fast+
5060  AOT_hence G (¬x([L]x  [G]x) & x([L]x  [G]x))
5061    by (rule "∃I") "cqt:2[lambda]"
5062  AOT_thus FG (¬x([F]x  [G]x) & x([F]x  [G]x))
5063    apply (rule "∃I")
5064    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5065qed
5066
5067AOT_theorem "eqnotnec:3": FG(𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
5068proof-
5069  AOT_have ¬𝒜q0
5070    apply (rule "=dfI"(2)[OF q0_def])
5071     apply (fact "log-prop-prop:2")
5072    by (fact AOT)
5073  AOT_hence 𝒜¬q0
5074    using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
5075  AOT_hence 𝒜¬x ([L]x  z q0]x)
5076    using eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5077            THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
5078            THEN "RA[2]", THEN "act-cond"[THEN "→E"], THEN "→E"] by blast
5079  moreover AOT_have x ([L]x  z q0]x) using eqnotnec_123_Aux_ξ'[THEN "→E"] q0_prop[THEN "&E"(1)] by blast
5080  ultimately AOT_have 𝒜¬x ([L]x  z q0]x) & x ([L]x  z q0]x) using "&I" by blast
5081  AOT_hence G (𝒜¬x([L]x  [G]x) & x([L]x  [G]x))
5082    by (rule "∃I") "cqt:2[lambda]"
5083  AOT_thus FG (𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
5084    apply (rule "∃I")
5085    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5086qed
5087
5088end
5089
5090(* TODO[IMPORTANT]: proof of 219.4 ζ: appeal to (159.2) requires a theorem, but the result has local
5091   assumptions! *)
5092AOT_theorem "eqnotnec:4": FG(x([F]x  [G]x) & ¬x([F]x  [G]x))
5093proof(rule GEN)
5094  fix F
5095
5096  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
5097  proof(rule "→I"; rule GEN)
5098    AOT_modally_strict {
5099    fix x
5100    AOT_assume 0: ψ
5101    AOT_have z [F]z & ψ]x  [F]x & ψ
5102      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5103    also AOT_have ...  [F]x
5104      apply (rule "≡I"; rule "→I")
5105      using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5106      using 0 "&I" by blast
5107    finally AOT_show [F]x  z [F]z & ψ]x
5108      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5109    }
5110  qed
5111
5112  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
5113  proof (rule "→I"; rule GEN)
5114    AOT_modally_strict {
5115      fix x
5116      AOT_assume 0: ψ
5117      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
5118        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5119      also AOT_have ...  [F]x
5120        apply (rule "≡I"; rule "→I")
5121        using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5122        apply (rule "∨I"(1)) using 0 "&I" by blast
5123      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
5124        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5125    }
5126  qed
5127
5128  AOT_have Aux_C:  ¬ψ  ¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
5129  proof(rule "RM◇"; rule "→I"; rule "raa-cor:2")
5130  AOT_modally_strict {
5131      AOT_assume 0: ¬ψ
5132      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
5133      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5134      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
5135          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5136      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
5137        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5138      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
5139        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
5140      moreover AOT_have (([F]z & ψ)  ¬ψ) for z using 0 "∨I" by blast
5141      ultimately AOT_have ψ using "≡E" "&E" by metis
5142      AOT_thus ψ & ¬ψ using 0 "&I" by blast
5143    }
5144  qed
5145
5146  AOT_have Aux_D: z ([F]z  z [F]z & ψ]z)  (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
5147  proof (rule "→I")
5148    AOT_assume A: z([F]z  z [F]z & ψ]z)
5149    AOT_show ¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)
5150    proof(rule "≡I"; rule "KBasic:13"[THEN "→E"];
5151          rule "RN[prem]"[where Γ="{«z([F]z  z [F]z & ψ]z)»}", simplified];
5152          (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
5153      AOT_modally_strict {
5154        AOT_assume z ([F]z  z [F]z & ψ]z)
5155        AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5156        AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
5157        AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5158        AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "≡E" 1 2 by meson
5159        AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5160      }
5161    next
5162      AOT_modally_strict {
5163        AOT_assume z ([F]z  z [F]z & ψ]z)
5164        AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5165        AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
5166        AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5167        AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z using 1 2 "≡E" by meson
5168        AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5169      }
5170    qed(auto simp: A)
5171  qed
5172
5173  AOT_obtain p1 where p1_prop: p1 & ¬p1 using "cont-tf-thm:1" "∃E"[rotated] "cont-tf:1"[THEN "≡dfE"] by blast
5174  {
5175    AOT_assume 1: x([F]x  z [F]z & p1]x)
5176    AOT_have 2: x([F]x  z [F]z & p1  ¬p1]x)
5177      using Aux_B[THEN "→E", OF p1_prop[THEN "&E"(1)]].
5178    AOT_have ¬x(z [F]z & p1]x  z [F]z & p1  ¬p1]x)
5179      using Aux_C[THEN "→E", OF p1_prop[THEN "&E"(2)]].
5180    AOT_hence 3: ¬x([F]x  z [F]z & p1  ¬p1]x)
5181      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
5182    AOT_hence x([F]x  z [F]z & p1  ¬p1]x) & ¬x([F]x  z [F]z & p1  ¬p1]x) using 2 "&I" by blast
5183    AOT_hence G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
5184      by (rule "∃I"(1)) "cqt:2[lambda]"
5185  }
5186  moreover {
5187    AOT_assume 2: ¬x([F]x  z [F]z & p1]x)
5188    AOT_hence ¬x([F]x  z [F]z & p1]x)
5189      using "KBasic:11"[THEN "≡E"(1)] by blast
5190    AOT_hence x ([F]x  z [F]z & p1]x) & ¬x([F]x  z [F]z & p1]x)
5191      using Aux_A[THEN "→E", OF p1_prop[THEN "&E"(1)]] "&I" by blast
5192    AOT_hence G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
5193      by (rule "∃I"(1)) "cqt:2[lambda]"
5194  }
5195  ultimately AOT_show G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
5196    using "∨E"(1)[OF "exc-mid"] "→I" by blast
5197qed
5198
5199AOT_theorem "eqnotnec:5": FG(¬x([F]x  [G]x) & x([F]x  [G]x))
5200proof(rule GEN)
5201  fix F
5202
5203  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
5204  proof(rule "RM◇"; rule "→I"; rule GEN)
5205    AOT_modally_strict {
5206    fix x
5207    AOT_assume 0: ψ
5208    AOT_have z [F]z & ψ]x  [F]x & ψ
5209      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5210    also AOT_have ...  [F]x
5211      apply (rule "≡I"; rule "→I")
5212      using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5213      using 0 "&I" by blast
5214    finally AOT_show [F]x  z [F]z & ψ]x
5215      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5216    }
5217  qed
5218
5219  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
5220  proof (rule "RM◇"; rule "→I"; rule GEN)
5221    AOT_modally_strict {
5222      fix x
5223      AOT_assume 0: ψ
5224      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
5225        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5226      also AOT_have ...  [F]x
5227        apply (rule "≡I"; rule "→I")
5228        using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5229        apply (rule "∨I"(1)) using 0 "&I" by blast
5230      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
5231        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5232    }
5233  qed
5234
5235  AOT_have Aux_C:  ¬ψ  ¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
5236  proof(rule "→I"; rule "raa-cor:2")
5237  AOT_modally_strict {
5238      AOT_assume 0: ¬ψ
5239      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
5240      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5241      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
5242          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5243      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
5244        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5245      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
5246        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
5247      moreover AOT_have (([F]z & ψ)  ¬ψ) for z using 0 "∨I" by blast
5248      ultimately AOT_have ψ using "≡E" "&E" by metis
5249      AOT_thus ψ & ¬ψ using 0 "&I" by blast
5250    }
5251  qed
5252
5253  AOT_have Aux_D: z ([F]z  z [F]z & ψ]z)  (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
5254  proof (rule "→I"; rule "≡I"; (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
5255    AOT_modally_strict {
5256      AOT_assume z ([F]z  z [F]z & ψ]z)
5257      AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5258      AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
5259      AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5260      AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "≡E" 1 2 by meson
5261      AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5262    }
5263  next
5264    AOT_modally_strict {
5265      AOT_assume z ([F]z  z [F]z & ψ]z)
5266      AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5267      AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
5268      AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5269      AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z using 1 2 "≡E" by meson
5270      AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5271    }
5272  qed
5273
5274  AOT_obtain p1 where p1_prop: ¬p1 & p1 using "cont-tf-thm:2" "∃E"[rotated] "cont-tf:2"[THEN "≡dfE"] by blast
5275  {
5276    AOT_assume 1: x([F]x  z [F]z & p1]x)
5277    AOT_have 2: x([F]x  z [F]z & p1  ¬p1]x)
5278      using Aux_B[THEN "→E", OF p1_prop[THEN "&E"(2)]].
5279    AOT_have ¬x(z [F]z & p1]x  z [F]z & p1  ¬p1]x)
5280      using Aux_C[THEN "→E", OF p1_prop[THEN "&E"(1)]].
5281    AOT_hence 3: ¬x([F]x  z [F]z & p1  ¬p1]x)
5282      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
5283    AOT_hence ¬x([F]x  z [F]z & p1  ¬p1]x) & x([F]x  z [F]z & p1  ¬p1]x) using 2 "&I" by blast
5284    AOT_hence G (¬x ([F]x  [G]x) & x([F]x  [G]x))
5285      by (rule "∃I"(1)) "cqt:2[lambda]"
5286  }
5287  moreover {
5288    AOT_assume 2: ¬x([F]x  z [F]z & p1]x)
5289    AOT_hence ¬x([F]x  z [F]z & p1]x)
5290      using "KBasic:11"[THEN "≡E"(1)] by blast
5291    AOT_hence ¬x ([F]x  z [F]z & p1]x) & x([F]x  z [F]z & p1]x)
5292      using Aux_A[THEN "→E", OF p1_prop[THEN "&E"(2)]] "&I" by blast
5293    AOT_hence G (¬x ([F]x  [G]x) & x([F]x  [G]x))
5294      by (rule "∃I"(1)) "cqt:2[lambda]"
5295  }
5296  ultimately AOT_show G (¬x ([F]x  [G]x) & x([F]x  [G]x))
5297    using "∨E"(1)[OF "exc-mid"] "→I" by blast
5298qed
5299
5300AOT_theorem "eqnotnec:6": FG(𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
5301proof(rule GEN)
5302  fix F
5303
5304  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
5305  proof(rule "RM◇"; rule "→I"; rule GEN)
5306    AOT_modally_strict {
5307    fix x
5308    AOT_assume 0: ψ
5309    AOT_have z [F]z & ψ]x  [F]x & ψ
5310      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5311    also AOT_have ...  [F]x
5312      apply (rule "≡I"; rule "→I")
5313      using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5314      using 0 "&I" by blast
5315    finally AOT_show [F]x  z [F]z & ψ]x
5316      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5317    }
5318  qed
5319
5320  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
5321  proof (rule "RM◇"; rule "→I"; rule GEN)
5322    AOT_modally_strict {
5323      fix x
5324      AOT_assume 0: ψ
5325      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
5326        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5327      also AOT_have ...  [F]x
5328        apply (rule "≡I"; rule "→I")
5329        using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5330        apply (rule "∨I"(1)) using 0 "&I" by blast
5331      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
5332        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5333    }
5334  qed
5335
5336  AOT_have Aux_C:  𝒜¬ψ  𝒜¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
5337  proof(rule "act-cond"[THEN "→E"]; rule "RA[2]"; rule "→I"; rule "raa-cor:2")
5338  AOT_modally_strict {
5339      AOT_assume 0: ¬ψ
5340      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
5341      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5342      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
5343          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5344      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
5345        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5346      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
5347        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
5348      moreover AOT_have (([F]z & ψ)  ¬ψ) for z using 0 "∨I" by blast
5349      ultimately AOT_have ψ using "≡E" "&E" by metis
5350      AOT_thus ψ & ¬ψ using 0 "&I" by blast
5351    }
5352  qed
5353
5354  AOT_have Aux_D: 𝒜z ([F]z  z [F]z & ψ]z)  (𝒜¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  𝒜¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
5355  proof (rule "→I"; rule "Act-Basic:5"[THEN "≡E"(1)])
5356    AOT_assume 𝒜z ([F]z  z [F]z & ψ]z)
5357    AOT_thus 𝒜(¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x))
5358    proof (rule "RA[3]"[where Γ="{«z ([F]z  z [F]z & ψ]z)»}", simplified, rotated])
5359      AOT_modally_strict {
5360        AOT_assume z ([F]z  z [F]z & ψ]z)
5361        AOT_thus ¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)
5362          apply -
5363        proof(rule "≡I"; (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
5364        AOT_modally_strict {
5365          AOT_assume z ([F]z  z [F]z & ψ]z)
5366          AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5367          AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
5368          AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5369          AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "≡E" 1 2 by meson
5370          AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5371        }
5372      next
5373        AOT_modally_strict {
5374          AOT_assume z ([F]z  z [F]z & ψ]z)
5375          AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5376          AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
5377          AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5378          AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z using 1 2 "≡E" by meson
5379          AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5380        }
5381      qed
5382      }
5383    qed
5384  qed
5385
5386  AOT_have ¬𝒜q0
5387    apply (rule "=dfI"(2)[OF q0_def])
5388     apply (fact "log-prop-prop:2")
5389    by (fact AOT)
5390  AOT_hence q0_prop_1: 𝒜¬q0
5391    using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
5392  {
5393    AOT_assume 1: 𝒜x([F]x  z [F]z & q0]x)
5394    AOT_have 2: x([F]x  z [F]z & q0  ¬q0]x)
5395      using Aux_B[THEN "→E", OF q0_prop[THEN "&E"(1)]].
5396    AOT_have 𝒜¬x(z [F]z & q0]x  z [F]z & q0  ¬q0]x)
5397      using Aux_C[THEN "→E", OF q0_prop_1].
5398    AOT_hence 3: 𝒜¬x([F]x  z [F]z & q0  ¬q0]x)
5399      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
5400    AOT_hence 𝒜¬x([F]x  z [F]z & q0  ¬q0]x) & x([F]x  z [F]z & q0  ¬q0]x) using 2 "&I" by blast
5401    AOT_hence G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
5402      by (rule "∃I"(1)) "cqt:2[lambda]"
5403  }
5404  moreover {
5405    AOT_assume 2: ¬𝒜x([F]x  z [F]z & q0]x)
5406    AOT_hence 𝒜¬x([F]x  z [F]z & q0]x)
5407      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
5408    AOT_hence 𝒜¬x ([F]x  z [F]z & q0]x) & x([F]x  z [F]z & q0]x)
5409      using Aux_A[THEN "→E", OF q0_prop[THEN "&E"(1)]] "&I" by blast
5410    AOT_hence G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
5411      by (rule "∃I"(1)) "cqt:2[lambda]"
5412  }
5413  ultimately AOT_show G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
5414    using "∨E"(1)[OF "exc-mid"] "→I" by blast
5415qed
5416
5417AOT_theorem "oa-contingent:1": O!  A!
5418proof(rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
5419  fix x
5420  AOT_assume 1: O! = A!
5421  AOT_hence x E!x] = A!
5422    by (rule "=dfE"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
5423  AOT_hence x E!x] = x ¬E!x]
5424    by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
5425  moreover AOT_have x E!x]x  E!x
5426    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5427  ultimately AOT_have x ¬E!x]x  E!x
5428    using "rule=E" by fast
5429  moreover AOT_have x ¬E!x]x  ¬E!x
5430    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5431  ultimately AOT_have E!x  ¬E!x using "≡E"(6) "Commutativity of ≡"[THEN "≡E"(1)] by blast
5432  AOT_thus "(E!x  ¬E!x) & ¬(E!x  ¬E!x)" using "oth-class-taut:3:c" "&I" by blast
5433qed
5434
5435AOT_theorem "oa-contingent:2": O!x  ¬A!x
5436proof -
5437  AOT_have O!x  x E!x]x
5438    apply (rule "≡I"; rule "→I")
5439     apply (rule "=dfE"(2)[OF AOT_ordinary])
5440      apply "cqt:2[lambda]"
5441     apply argo
5442    apply (rule  "=dfI"(2)[OF AOT_ordinary])
5443     apply "cqt:2[lambda]"
5444    by argo
5445  also AOT_have   E!x
5446    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5447  also AOT_have   ¬¬E!x
5448    using "oth-class-taut:3:b".
5449  also AOT_have   ¬x ¬E!x]x
5450    by (rule "beta-C-meta"[THEN "→E", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], symmetric]) "cqt:2[lambda]"
5451  also AOT_have   ¬A!x
5452    apply (rule "≡I"; rule "→I")
5453     apply (rule "=dfI"(2)[OF AOT_abstract])
5454      apply "cqt:2[lambda]"
5455     apply argo
5456    apply (rule "=dfE"(2)[OF AOT_abstract])
5457     apply "cqt:2[lambda]"
5458    by argo
5459  finally show ?thesis.
5460qed
5461
5462AOT_theorem "oa-contingent:3": A!x  ¬O!x
5463  by (AOT_subst "«A!x»" "«¬¬A!x»")
5464     (auto simp add: "oth-class-taut:3:b" "oa-contingent:2"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)], symmetric])
5465
5466AOT_theorem "oa-contingent:4": Contingent(O!)
5467proof (rule "thm-cont-prop:2"[unvarify F, OF "oa-exist:1", THEN "≡E"(2)]; rule "&I")
5468  AOT_have x E!x using "thm-cont-e:3" .
5469  AOT_hence x E!x using "BF◇"[THEN "→E"] by blast
5470  then AOT_obtain a where E!a using "∃E"[rotated] by blast
5471  AOT_hence x E!x]a
5472    by (rule "beta-C-meta"[THEN "→E", THEN "≡E"(2), rotated]) "cqt:2[lambda]"
5473  AOT_hence O!a
5474    by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
5475  AOT_hence x O!x using "∃I" by blast
5476  AOT_thus x O!x using "T◇"[THEN "→E"] by blast
5477next
5478  AOT_obtain a where A!a
5479    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
5480  AOT_hence ¬O!a using "oa-contingent:3"[THEN "≡E"(1)] by blast
5481  AOT_hence x ¬O!x using "∃I" by fast
5482  AOT_thus x ¬O!x using "T◇"[THEN "→E"] by blast
5483qed
5484
5485AOT_theorem "oa-contingent:5": Contingent(A!)
5486proof (rule "thm-cont-prop:2"[unvarify F, OF "oa-exist:2", THEN "≡E"(2)]; rule "&I")
5487  AOT_obtain a where A!a
5488    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
5489  AOT_hence x A!x using "∃I" by fast
5490  AOT_thus x A!x using "T◇"[THEN "→E"] by blast
5491next
5492  AOT_have x E!x using "thm-cont-e:3" .
5493  AOT_hence x E!x using "BF◇"[THEN "→E"] by blast
5494  then AOT_obtain a where E!a using "∃E"[rotated] by blast
5495  AOT_hence x E!x]a
5496    by (rule "beta-C-meta"[THEN "→E", THEN "≡E"(2), rotated]) "cqt:2[lambda]"
5497  AOT_hence O!a
5498    by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
5499  AOT_hence ¬A!a using "oa-contingent:2"[THEN "≡E"(1)] by blast
5500  AOT_hence x ¬A!x using "∃I" by fast
5501  AOT_thus x ¬A!x using "T◇"[THEN "→E"] by blast
5502qed
5503
5504AOT_theorem "oa-contingent:7": O!-x  ¬A!-x
5505proof -
5506  AOT_have O!x  ¬A!x
5507    using "oa-contingent:2" by blast
5508  also AOT_have   A!-x
5509    using "thm-relation-negation:1"[symmetric, unvarify F, OF "oa-exist:2"].
5510  finally AOT_have 1: O!x  A!-x.
5511
5512  AOT_have A!x  ¬O!x
5513    using "oa-contingent:3" by blast
5514  also AOT_have   O!-x
5515    using "thm-relation-negation:1"[symmetric, unvarify F, OF "oa-exist:1"].
5516  finally AOT_have 2: A!x  O!-x.
5517
5518  AOT_show O!-x  ¬A!-x
5519    using 1[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "oa-contingent:3"[of _ x] 2[symmetric]
5520          "≡E"(5) by blast
5521qed
5522
5523AOT_theorem "oa-contingent:6": O!-  A!-
5524proof (rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
5525  AOT_assume 1: O!- = A!-
5526  fix x
5527  AOT_have A!-x  O!-x
5528    apply (rule "rule=E"[rotated, OF 1]) by (fact "oth-class-taut:3:a")
5529  AOT_hence A!-x  ¬A!-x
5530    using "oa-contingent:7" "≡E" by fast
5531  AOT_thus (A!-x  ¬A!-x) & ¬(A!-x  ¬A!-x) using "oth-class-taut:3:c" "&I" by blast
5532qed
5533
5534AOT_theorem "oa-contingent:8": Contingent(O!-)
5535  using "thm-cont-prop:3"[unvarify F, OF "oa-exist:1", THEN "≡E"(1), OF "oa-contingent:4"].
5536
5537AOT_theorem "oa-contingent:9": Contingent(A!-)
5538  using "thm-cont-prop:3"[unvarify F, OF "oa-exist:2", THEN "≡E"(1), OF "oa-contingent:5"].
5539
5540AOT_define WeaklyContingent :: ‹Π  φ› ("WeaklyContingent'(_')")
5541  "df-cont-nec": "WeaklyContingent([F]) df Contingent([F]) & x ([F]x  [F]x)"
5542
5543AOT_theorem "cont-nec-fact1:1": WeaklyContingent([F])  WeaklyContingent([F]-)
5544proof -
5545  AOT_have WeaklyContingent([F])  Contingent([F]) & x ([F]x  [F]x)
5546    using "df-cont-nec"[THEN "≡Df"] by blast
5547  also AOT_have ...  Contingent([F]-) & x ([F]x  [F]x)
5548    apply (rule "oth-class-taut:8:f"[THEN "≡E"(2)]; rule "→I")
5549    using "thm-cont-prop:3".
5550  also AOT_have   Contingent([F]-) & x ([F]-x  [F]-x)
5551  proof (rule "oth-class-taut:8:e"[THEN "≡E"(2)]; rule "→I"; rule "≡I"; rule "→I"; rule GEN; rule "→I")
5552    fix x
5553    AOT_assume 0: x ([F]x  [F]x)
5554    AOT_assume 1: [F]-x
5555    AOT_have ¬[F]x
5556      by (AOT_subst_rev "«[F]-x»" "«¬[F]x»")
5557         (auto simp add: "thm-relation-negation:1" 1)
5558    AOT_hence 2: ¬[F]x
5559      using "KBasic:11"[THEN "≡E"(2)] by blast
5560    AOT_show [F]-x
5561    proof (rule "raa-cor:1")
5562      AOT_assume 3: ¬[F]-x
5563      AOT_have ¬¬[F]x
5564        by (AOT_subst_rev "«[F]-x»" "«¬[F]x»")
5565           (auto simp add: "thm-relation-negation:1" 3)
5566      AOT_hence [F]x
5567        using "conventions:5"[THEN "≡dfI"] by simp
5568      AOT_hence [F]x using 0 "∀E" "→E" by fast
5569      AOT_thus [F]x & ¬[F]x using "&I" 2 by blast
5570    qed
5571  next
5572    fix x
5573    AOT_assume 0: x ([F]-x  [F]-x)
5574    AOT_assume 1: [F]x
5575    AOT_have ¬[F]-x
5576      by (AOT_subst "«¬[F]-x»" "«[F]x»")
5577         (auto simp: "thm-relation-negation:2" 1)
5578    AOT_hence 2: ¬[F]-x
5579      using "KBasic:11"[THEN "≡E"(2)] by blast
5580    AOT_show [F]x
5581    proof (rule "raa-cor:1")
5582      AOT_assume 3: ¬[F]x
5583      AOT_have ¬¬[F]-x
5584        by (AOT_subst "«¬[F]-x»" "«[F]x»")
5585           (auto simp add: "thm-relation-negation:2" 3)
5586      AOT_hence [F]-x
5587        using "conventions:5"[THEN "≡dfI"] by simp
5588      AOT_hence [F]-x using 0 "∀E" "→E" by fast
5589      AOT_thus [F]-x & ¬[F]-x using "&I" 2 by blast
5590    qed
5591  qed
5592  also AOT_have   WeaklyContingent([F]-)
5593    using "df-cont-nec"[THEN "≡Df", symmetric] by blast
5594  finally show ?thesis.
5595qed
5596
5597AOT_theorem "cont-nec-fact1:2": (WeaklyContingent([F]) & ¬WeaklyContingent([G]))  F  G
5598proof (rule "→I"; rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
5599  AOT_assume 1: WeaklyContingent([F]) & ¬WeaklyContingent([G])
5600  AOT_hence WeaklyContingent([F]) using "&E" by blast
5601  moreover AOT_assume F = G
5602  ultimately AOT_have WeaklyContingent([G])
5603    using "rule=E" by blast
5604  AOT_thus WeaklyContingent([G]) & ¬WeaklyContingent([G])
5605    using 1 "&I" "&E" by blast
5606qed
5607
5608AOT_theorem "cont-nec-fact2:1": WeaklyContingent(O!)
5609proof (rule "df-cont-nec"[THEN "≡dfI"]; rule "&I")
5610  AOT_show Contingent(O!)
5611    using "oa-contingent:4".
5612next
5613  AOT_show x ([O!]x  [O!]x)
5614    apply (rule GEN; rule "→I")
5615    using "oa-facts:5"[THEN "≡E"(1)] by blast
5616qed
5617
5618
5619AOT_theorem "cont-nec-fact2:2": WeaklyContingent(A!)
5620proof (rule "df-cont-nec"[THEN "≡dfI"]; rule "&I")
5621  AOT_show Contingent(A!)
5622    using "oa-contingent:5".
5623next
5624  AOT_show x ([A!]x  [A!]x)
5625    apply (rule GEN; rule "→I")
5626    using "oa-facts:6"[THEN "≡E"(1)] by blast
5627qed
5628
5629AOT_theorem "cont-nec-fact2:3": ¬WeaklyContingent(E!)
5630proof (rule "df-cont-nec"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)];
5631       rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(2); rule "raa-cor:2")
5632  AOT_have x (E!x & ¬𝒜E!x) using "qml:4"[axiom_inst].
5633  AOT_hence x (E!x & ¬𝒜E!x) using "BF◇"[THEN "→E"] by blast
5634  then AOT_obtain a where (E!a & ¬𝒜E!a) using "∃E"[rotated] by blast
5635  AOT_hence 1: E!a & ¬𝒜E!a using "KBasic2:3"[THEN "→E"] by simp
5636  moreover AOT_assume x ([E!]x  [E!]x)
5637  ultimately AOT_have E!a using "&E" "∀E" "→E" by fast
5638  AOT_hence 𝒜E!a using "nec-imp-act"[THEN "→E"] by blast
5639  AOT_hence 𝒜E!a using "qml-act:1"[axiom_inst, THEN "→E"] by blast
5640  moreover AOT_have ¬𝒜E!a using "KBasic:11"[THEN "≡E"(2)] 1[THEN "&E"(2)] by meson
5641  ultimately AOT_have 𝒜E!a & ¬𝒜E!a using "&I" by blast
5642  AOT_thus p & ¬p for p using "raa-cor:1" by blast
5643qed
5644
5645AOT_theorem "cont-nec-fact2:4": ¬WeaklyContingent(L)
5646  apply (rule "df-cont-nec"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)];
5647       rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(1))
5648  apply (rule "contingent-properties:4"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5649  apply (rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(2); rule "useful-tautologies:2"[THEN "→E"])
5650  using "thm-noncont-e-e:3"[THEN "contingent-properties:3"[THEN "≡dfE"]].
5651
5652(* TODO: cleanup *)
5653AOT_theorem "cont-nec-fact2:5": O!  E! & O!  E!- & O!  L & O!  L-
5654proof -
5655  AOT_have 1: L
5656    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5657  {
5658    fix φ and Π Π' :: <κ>
5659    AOT_have A: ¬(φ{Π'}  φ{Π}) if  φ{Π} and ¬φ{Π'}
5660    proof (rule "raa-cor:2")
5661      AOT_assume φ{Π'}  φ{Π}
5662      AOT_hence φ{Π'} using that(1) "≡E" by blast
5663      AOT_thus φ{Π'} & ¬φ{Π'} using that(2) "&I" by blast
5664    qed
5665    AOT_have Π'  Π if Π and Π' and φ{Π} and ¬φ{Π'}
5666      using "pos-not-equiv-ne:4"[unvarify F G, THEN "→E", OF that(1,2), OF A[OF that(3, 4)]].
5667  } note 0 = this
5668  show ?thesis
5669    apply(safe intro!: "&I"; rule 0)
5670    using "cqt:2[concrete]"[axiom_inst] apply blast
5671    using "oa-exist:1" apply blast
5672    using "cont-nec-fact2:3" apply fast
5673    apply (rule "useful-tautologies:2"[THEN "→E"])
5674    using "cont-nec-fact2:1" apply fast
5675    using "rel-neg-T:3" apply fast
5676    using "oa-exist:1" apply blast
5677    using "cont-nec-fact1:1"[unvarify F, THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated, OF "cont-nec-fact2:3", OF "cqt:2[concrete]"[axiom_inst]] apply fast
5678    apply (rule "useful-tautologies:2"[THEN "→E"])
5679    using "cont-nec-fact2:1" apply blast
5680    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
5681    using "oa-exist:1" apply fast
5682    using "cont-nec-fact2:4" apply fast
5683    apply (rule "useful-tautologies:2"[THEN "→E"])
5684    using "cont-nec-fact2:1" apply fast
5685    using "rel-neg-T:3" apply fast
5686    using "oa-exist:1" apply fast
5687    apply (rule "cont-nec-fact1:1"[unvarify F, THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated, OF "cont-nec-fact2:4"])
5688    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
5689    apply (rule "useful-tautologies:2"[THEN "→E"])
5690    using "cont-nec-fact2:1" by blast
5691qed
5692
5693(* TODO: cleanup together with above *)
5694AOT_theorem "cont-nec-fact2:6": A!  E! & A!  E!- & A!  L & A!  L-
5695proof -
5696  AOT_have 1: L
5697    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5698  {
5699    fix φ and Π Π' :: <κ>
5700    AOT_have A: ¬(φ{Π'}  φ{Π}) if  φ{Π} and ¬φ{Π'}
5701    proof (rule "raa-cor:2")
5702      AOT_assume φ{Π'}  φ{Π}
5703      AOT_hence φ{Π'} using that(1) "≡E" by blast
5704      AOT_thus φ{Π'} & ¬φ{Π'} using that(2) "&I" by blast
5705    qed
5706    AOT_have Π'  Π if Π and Π' and φ{Π} and ¬φ{Π'}
5707      using "pos-not-equiv-ne:4"[unvarify F G, THEN "→E", OF that(1,2), OF A[OF that(3, 4)]].
5708  } note 0 = this
5709  show ?thesis
5710    apply(safe intro!: "&I"; rule 0)
5711    using "cqt:2[concrete]"[axiom_inst] apply blast
5712    using "oa-exist:2" apply blast
5713    using "cont-nec-fact2:3" apply fast
5714    apply (rule "useful-tautologies:2"[THEN "→E"])
5715    using "cont-nec-fact2:2" apply fast
5716    using "rel-neg-T:3" apply fast
5717    using "oa-exist:2" apply blast
5718    using "cont-nec-fact1:1"[unvarify F, THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated, OF "cont-nec-fact2:3", OF "cqt:2[concrete]"[axiom_inst]] apply fast
5719    apply (rule "useful-tautologies:2"[THEN "→E"])
5720    using "cont-nec-fact2:2" apply blast
5721    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
5722    using "oa-exist:2" apply fast
5723    using "cont-nec-fact2:4" apply fast
5724    apply (rule "useful-tautologies:2"[THEN "→E"])
5725    using "cont-nec-fact2:2" apply fast
5726    using "rel-neg-T:3" apply fast
5727    using "oa-exist:2" apply fast
5728    apply (rule "cont-nec-fact1:1"[unvarify F, THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated, OF "cont-nec-fact2:4"])
5729    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
5730    apply (rule "useful-tautologies:2"[THEN "→E"])
5731    using "cont-nec-fact2:2" by blast
5732qed
5733
5734AOT_define necessary_or_contingently_false :: ‹φ  φ› ("Δ_" [49] 54)
5735  Δp df p  (¬𝒜p & p)
5736
5737AOT_theorem sixteen:
5738 shows F1F2F3F4F5F6F7F8F9F10F11F12F13F14F15F16 (
5739«F1::<κ>»  F2 & F1  F3 & F1  F4 & F1  F5 & F1  F6 & F1  F7 & F1  F8 & F1  F9 & F1  F10 & F1  F11 & F1  F12 & F1  F13 & F1  F14 & F1  F15 & F1  F16 &
5740F2  F3 & F2  F4 & F2  F5 & F2  F6 & F2  F7 & F2  F8 & F2  F9 & F2  F10 & F2  F11 & F2  F12 & F2  F13 & F2  F14 & F2  F15 & F2  F16 &
5741F3  F4 & F3  F5 & F3  F6 & F3  F7 & F3  F8 & F3  F9 & F3  F10 & F3  F11 & F3  F12 & F3  F13 & F3  F14 & F3  F15 & F3  F16 &
5742F4  F5 & F4  F6 & F4  F7 & F4  F8 & F4  F9 & F4  F10 & F4  F11 & F4  F12 & F4  F13 & F4  F14 & F4  F15 & F4  F16 &
5743F5  F6 & F5  F7 & F5  F8 & F5  F9 & F5  F10 & F5  F11 & F5  F12 & F5  F13 & F5  F14 & F5  F15 & F5  F16 &
5744F6  F7 & F6  F8 & F6  F9 & F6  F10 & F6  F11 & F6  F12 & F6  F13 & F6  F14 & F6  F15 & F6  F16 &
5745F7  F8 & F7  F9 & F7  F10 & F7  F11 & F7  F12 & F7  F13 & F7  F14 & F7  F15 & F7  F16 &
5746F8  F9 & F8  F10 & F8  F11 & F8  F12 & F8  F13 & F8  F14 & F8  F15 & F8  F16 &
5747F9  F10 & F9  F11 & F9  F12 & F9  F13 & F9  F14 & F9  F15 & F9  F16 &
5748F10  F11 & F10  F12 & F10  F13 & F10  F14 & F10  F15 & F10  F16 &
5749F11  F12 & F11  F13 & F11  F14 & F11  F15 & F11  F16 &
5750F12  F13 & F12  F14 & F12  F15 & F12  F16 &
5751F13  F14 & F13  F15 & F13  F16 &
5752F14  F15 & F14  F16 &
5753F15  F16) 
5754proof -
5755
5756  AOT_have Delta_pos: Δφ  φ for φ
5757  proof(rule "→I")
5758    AOT_assume Δφ
5759    AOT_hence φ  (¬𝒜φ & φ)
5760      using "≡dfE"[OF necessary_or_contingently_false] by blast
5761    moreover {
5762      AOT_assume φ
5763      AOT_hence φ
5764        by (metis "B◇" "T◇" "vdash-properties:10")
5765    }
5766    moreover {
5767      AOT_assume ¬𝒜φ & φ
5768      AOT_hence φ
5769        using "&E" by blast
5770    }
5771    ultimately AOT_show φ
5772      by (metis "∨E"(2) "raa-cor:1") 
5773  qed
5774
5775  AOT_have act_and_not_nec_not_delta: ¬Δφ if 𝒜φ and ¬φ for φ
5776    using "≡dfE" "&E"(1) "∨E"(2) necessary_or_contingently_false "raa-cor:3" that(1) that(2) by blast
5777  AOT_have act_and_pos_not_not_delta: ¬Δφ if 𝒜φ and ¬φ for φ
5778    using "KBasic:11" act_and_not_nec_not_delta "≡E"(2) that(1) that(2) by blast
5779  AOT_have impossible_delta: ¬Δφ if ¬φ for φ
5780    using Delta_pos "modus-tollens:1" that by blast
5781  AOT_have not_act_and_pos_delta: Δφ if ¬𝒜φ and φ for φ
5782    by (meson "≡dfI" "&I" "∨I"(2) necessary_or_contingently_false that(1) that(2))
5783  AOT_have nec_delta: Δφ if φ for φ
5784    using "≡dfI" "∨I"(1) necessary_or_contingently_false that by blast
5785
5786  AOT_obtain a where a_prop: A!a
5787    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
5788  AOT_obtain b where b_prop: [E!]b & ¬𝒜[E!]b
5789    using "pos-not-pna:3" using "∃E"[rotated] by blast
5790
5791  AOT_have b_ord: [O!]b
5792  proof(rule "=dfI"(2)[OF AOT_ordinary])
5793    AOT_show x [E!]x] by "cqt:2[lambda]"
5794  next
5795    AOT_show x [E!]x]b
5796    proof (rule "β←C"(1); ("cqt:2[lambda]")?)
5797      AOT_show b by (rule "cqt:2[const_var]"[axiom_inst])
5798      AOT_show [E!]b by (fact b_prop[THEN "&E"(1)])
5799    qed
5800  qed
5801
5802  AOT_have nec_not_L_neg: ¬[L-]x for x
5803    using "thm-noncont-e-e:2" "contingent-properties:2"[THEN "≡dfE"] "&E"
5804          CBF[THEN "→E"] "∀E" by blast
5805  AOT_have nec_L: [L]x for x
5806    using "thm-noncont-e-e:1" "contingent-properties:1"[THEN "≡dfE"]
5807      CBF[THEN "→E"] "∀E" by blast
5808
5809  AOT_have act_ord_b: 𝒜[O!]b
5810    using b_ord "≡E"(1) "oa-facts:7" by blast
5811  AOT_have delta_ord_b: Δ[O!]b
5812    by (meson "≡dfI" b_ord "∨I"(1) necessary_or_contingently_false "oa-facts:1" "vdash-properties:10")
5813  AOT_have not_act_ord_a: ¬𝒜[O!]a
5814    by (meson a_prop "≡E"(1) "≡E"(3) "oa-contingent:3" "oa-facts:7")
5815  AOT_have not_delta_ord_a: ¬Δ[O!]a
5816    by (metis Delta_pos "≡E"(4) not_act_ord_a "oa-facts:3" "oa-facts:7" "reductio-aa:1" "vdash-properties:10")
5817
5818  AOT_have not_act_abs_b: ¬𝒜[A!]b
5819    by (meson b_ord "≡E"(1) "≡E"(3) "oa-contingent:2" "oa-facts:8")
5820  AOT_have not_delta_abs_b: ¬Δ[A!]b
5821  proof(rule "raa-cor:2")
5822    AOT_assume Δ[A!]b
5823    AOT_hence [A!]b
5824      by (metis Delta_pos "vdash-properties:10")
5825    AOT_thus [A!]b & ¬[A!]b
5826      by (metis b_ord "&I" "≡E"(1) "oa-contingent:2" "oa-facts:4" "vdash-properties:10")
5827  qed
5828  AOT_have act_abs_a: 𝒜[A!]a
5829    using a_prop "≡E"(1) "oa-facts:8" by blast
5830  AOT_have delta_abs_a: Δ[A!]a
5831      by (metis "≡dfI" a_prop "oa-facts:2" "vdash-properties:10" "∨I"(1) necessary_or_contingently_false)
5832
5833  AOT_have not_act_concrete_b: ¬𝒜[E!]b
5834    using b_prop "&E"(2) by blast
5835  AOT_have delta_concrete_b: Δ[E!]b
5836  proof (rule "≡dfI"[OF necessary_or_contingently_false]; rule "∨I"(2); rule "&I")
5837    AOT_show ¬𝒜[E!]b using b_prop "&E"(2) by blast
5838  next
5839    AOT_show [E!]b using b_prop "&E"(1) by blast
5840  qed
5841  AOT_have not_act_concrete_a: ¬𝒜[E!]a
5842  proof (rule "raa-cor:2")
5843    AOT_assume 𝒜[E!]a
5844    AOT_hence 1: [E!]a by (metis "Act-Sub:3" "vdash-properties:10")
5845    AOT_have [A!]a by (simp add: a_prop)
5846    AOT_hence x ¬[E!]x]a
5847      by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
5848    AOT_hence ¬[E!]a using "β→C"(1) by blast
5849    AOT_thus [E!]a & ¬[E!]a using 1 "&I" by blast
5850  qed
5851  AOT_have not_delta_concrete_a: ¬Δ[E!]a
5852  proof (rule "raa-cor:2")
5853    AOT_assume Δ[E!]a
5854    AOT_hence 1: [E!]a by (metis Delta_pos "vdash-properties:10")
5855    AOT_have [A!]a by (simp add: a_prop)
5856    AOT_hence x ¬[E!]x]a
5857      by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
5858    AOT_hence ¬[E!]a using "β→C"(1) by blast
5859    AOT_thus [E!]a & ¬[E!]a using 1 "&I" by blast
5860  qed
5861
5862  AOT_have not_act_q_zero: ¬𝒜q0
5863    by (meson "log-prop-prop:2" "pos-not-pna:1" q0_def "reductio-aa:1" "rule-id-df:2:a[zero]")
5864  AOT_have delta_q_zero: Δq0
5865  proof(rule "≡dfI"[OF necessary_or_contingently_false]; rule "∨I"(2); rule "&I")
5866    AOT_show ¬𝒜q0 using not_act_q_zero.
5867    AOT_show q0 by (meson "&E"(1) q0_prop)
5868  qed
5869  AOT_have act_not_q_zero: 𝒜¬q0 using "Act-Basic:1" "∨E"(2) not_act_q_zero by blast
5870  AOT_have not_delta_not_q_zero: ¬Δ¬q0
5871      using "≡dfE" "conventions:5" "Act-Basic:1" act_and_not_nec_not_delta "&E"(1) "∨E"(2) not_act_q_zero q0_prop by blast
5872
5873  AOT_have [L-] by (simp add: "rel-neg-T:3")
5874  moreover AOT_have ¬𝒜[L-]b & ¬Δ[L-]b & ¬𝒜[L-]a & ¬Δ[L-]a
5875  proof (safe intro!: "&I")
5876    AOT_show ¬𝒜[L-]b by (meson "≡E"(1) "logic-actual-nec:1"[axiom_inst] "nec-imp-act" nec_not_L_neg "→E")
5877    AOT_show ¬Δ[L-]b by (meson Delta_pos "KBasic2:1" "≡E"(1) "modus-tollens:1" nec_not_L_neg)
5878    AOT_show ¬𝒜[L-]a by (meson "≡E"(1) "logic-actual-nec:1"[axiom_inst] "nec-imp-act" nec_not_L_neg "→E")
5879    AOT_show ¬Δ[L-]a using Delta_pos "KBasic2:1" "≡E"(1) "modus-tollens:1" nec_not_L_neg by blast
5880  qed
5881  ultimately AOT_obtain F0 where ¬𝒜[F0]b & ¬Δ[F0]b & ¬𝒜[F0]a & ¬Δ[F0]a
5882    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
5883  AOT_hence ¬𝒜[F0]b and ¬Δ[F0]b and ¬𝒜[F0]a and ¬Δ[F0]a
5884    using "&E" by blast+
5885  note props = this
5886
5887  let  = "«y [A!]y & q0]»"
5888  AOT_modally_strict {
5889    AOT_have [«»] by "cqt:2[lambda]"
5890  } note 1 = this
5891  moreover AOT_have¬𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
5892  proof(safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
5893    AOT_show ¬𝒜([A!]b & q0)
5894      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_abs_b "raa-cor:3" by blast
5895  next AOT_show ¬Δ([A!]b & q0)
5896      by (metis Delta_pos "KBasic2:3" "&E"(1) "≡E"(4) not_act_abs_b "oa-facts:4" "oa-facts:8" "raa-cor:3" "vdash-properties:10")
5897  next AOT_show ¬𝒜([A!]a & q0)
5898      using "Act-Basic:2" "&E"(2) "≡E"(1) not_act_q_zero "raa-cor:3" by blast
5899  next AOT_show Δ([A!]a & q0)
5900    proof (rule not_act_and_pos_delta)
5901      AOT_show ¬𝒜([A!]a & q0)
5902        using "Act-Basic:2" "&E"(2) "≡E"(4) not_act_q_zero "raa-cor:3" by blast
5903    next AOT_show ([A!]a & q0)
5904        by (metis "&I" "→E" Delta_pos "KBasic:16" "&E"(1) delta_abs_a "≡E"(1) "oa-facts:6" q0_prop)
5905    qed
5906  qed
5907  ultimately AOT_obtain F1 where ¬𝒜[F1]b & ¬Δ[F1]b & ¬𝒜[F1]a & Δ[F1]a
5908    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
5909  AOT_hence ¬𝒜[F1]b and ¬Δ[F1]b and ¬𝒜[F1]a and Δ[F1]a
5910    using "&E" by blast+
5911  note props = props this
5912
5913  let  = "«y [A!]y & ¬q0]»"
5914  AOT_modally_strict {
5915    AOT_have [«»] by "cqt:2[lambda]"
5916  } note 1 = this
5917  moreover AOT_have ¬𝒜[«»]b & ¬Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
5918  proof(safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
5919    AOT_show ¬𝒜([A!]b & ¬q0)
5920      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_abs_b "raa-cor:3" by blast
5921  next AOT_show ¬Δ([A!]b & ¬q0)
5922      by (meson "RM◇" Delta_pos "Conjunction Simplification"(1) "≡E"(4) "modus-tollens:1" not_act_abs_b "oa-facts:4" "oa-facts:8")
5923  next AOT_show 𝒜([A!]a & ¬q0)
5924      by (metis "Act-Basic:1" "Act-Basic:2" act_abs_a "&I" "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:3")
5925  next AOT_show ¬Δ([A!]a & ¬q0)
5926    proof (rule act_and_not_nec_not_delta)
5927      AOT_show 𝒜([A!]a & ¬q0)
5928        by (metis "Act-Basic:1" "Act-Basic:2" act_abs_a "&I" "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:3")
5929    next
5930      AOT_show ¬([A!]a & ¬q0)
5931        by (metis "KBasic2:1" "KBasic:3" "&E"(1) "&E"(2) "≡E"(4) q0_prop "raa-cor:3")
5932    qed
5933  qed
5934  ultimately AOT_obtain F2 where ¬𝒜[F2]b & ¬Δ[F2]b & 𝒜[F2]a & ¬Δ[F2]a
5935    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
5936  AOT_hence ¬𝒜[F2]b and ¬Δ[F2]b and 𝒜[F2]a and ¬Δ[F2]a
5937    using "&E" by blast+
5938  note props = props this
5939
5940  AOT_have abstract_prop: ¬𝒜[A!]b & ¬Δ[A!]b & 𝒜[A!]a & Δ[A!]a
5941    using act_abs_a "&I" delta_abs_a not_act_abs_b not_delta_abs_b by presburger
5942  then AOT_obtain F3 where ¬𝒜[F3]b & ¬Δ[F3]b & 𝒜[F3]a & Δ[F3]a
5943    using "∃I"(1)[rotated, THEN "∃E"[rotated]] "oa-exist:2" by fastforce
5944  AOT_hence ¬𝒜[F3]b and ¬Δ[F3]b and 𝒜[F3]a and Δ[F3]a
5945    using "&E" by blast+
5946  note props = props this
5947
5948  AOT_have ¬𝒜[E!]b & Δ[E!]b & ¬𝒜[E!]a & ¬Δ[E!]a
5949    by (meson "&I" delta_concrete_b not_act_concrete_a not_act_concrete_b not_delta_concrete_a)
5950  then AOT_obtain F4 where ¬𝒜[F4]b & Δ[F4]b & ¬𝒜[F4]a & ¬Δ[F4]a
5951    using "cqt:2[concrete]"[axiom_inst] "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
5952  AOT_hence ¬𝒜[F4]b and Δ[F4]b and ¬𝒜[F4]a and ¬Δ[F4]a
5953    using "&E" by blast+
5954  note props = props this
5955
5956  AOT_modally_strict {
5957    AOT_have y q0] by "cqt:2[lambda]"
5958  } note 1 = this
5959  moreover AOT_have ¬𝒜y q0]b & Δy q0]b & ¬𝒜y q0]a & Δy q0]a
5960    by (safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
5961       (auto simp: not_act_q_zero delta_q_zero)
5962  ultimately AOT_obtain F5 where ¬𝒜[F5]b & Δ[F5]b & ¬𝒜[F5]a & Δ[F5]a
5963    using "cqt:2[concrete]"[axiom_inst] "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
5964  AOT_hence ¬𝒜[F5]b and Δ[F5]b and ¬𝒜[F5]a and Δ[F5]a
5965    using "&E" by blast+
5966  note props = props this
5967
5968  let  = "«y [E!]y  ([A!]y & ¬q0)]»"
5969  AOT_modally_strict {
5970    AOT_have [«»] by "cqt:2[lambda]"
5971  } note 1 = this
5972  moreover AOT_have ¬𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
5973  proof(safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
5974    AOT_have 𝒜¬([A!]b & ¬q0)
5975      by (metis "Act-Basic:1" "Act-Basic:2" abstract_prop "&E"(1) "∨E"(2)
5976                "≡E"(1) "raa-cor:3")
5977    moreover AOT_have ¬𝒜[E!]b
5978      using b_prop "&E"(2) by blast
5979    ultimately AOT_have 2: 𝒜(¬[E!]b & ¬([A!]b & ¬q0))
5980      by (metis "Act-Basic:2" "Act-Sub:1" "&I" "≡E"(3) "raa-cor:1")
5981    AOT_have 𝒜¬([E!]b  ([A!]b & ¬q0))
5982      by (AOT_subst «¬([E!]b  ([A!]b & ¬q0))» «¬[E!]b & ¬([A!]b & ¬q0)»)
5983         (auto simp: "oth-class-taut:5:d" 2)
5984    AOT_thus ¬𝒜([E!]b  ([A!]b & ¬q0))
5985      by (metis "¬¬I" "Act-Sub:1" "≡E"(4))
5986  next
5987    AOT_show Δ([E!]b  ([A!]b & ¬q0))
5988    proof (rule not_act_and_pos_delta)
5989      AOT_show ¬𝒜([E!]b  ([A!]b & ¬q0))
5990        by (metis "Act-Basic:2" "Act-Basic:9" "∨E"(2) "Conjunction Simplification"(1) "≡E"(4) "modus-tollens:1" not_act_abs_b not_act_concrete_b "raa-cor:3")
5991    next
5992      AOT_show ([E!]b  ([A!]b & ¬q0))
5993        using "KBasic2:2" b_prop "&E"(1) "∨I"(1) "≡E"(3) "raa-cor:3" by blast
5994    qed
5995  next AOT_show 𝒜([E!]a  ([A!]a & ¬q0))
5996      by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_abs_a "&I" "∨I"(2) "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:1")
5997  next AOT_show ¬Δ([E!]a  ([A!]a & ¬q0))
5998    proof (rule act_and_not_nec_not_delta)
5999      AOT_show 𝒜([E!]a  ([A!]a & ¬q0))
6000        by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_abs_a "&I" "∨I"(2) "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:1")
6001    next
6002      AOT_have ¬[E!]a
6003        by (metis "≡dfI" "conventions:5" "&I" "∨I"(2) necessary_or_contingently_false not_act_concrete_a not_delta_concrete_a "raa-cor:3")
6004      moreover AOT_have ¬([A!]a & ¬q0)
6005        by (metis "KBasic2:1" "KBasic:11" "KBasic:3" "&E"(1) "&E"(2) "≡E"(1) q0_prop "raa-cor:3")
6006      ultimately AOT_have (¬[E!]a & ¬([A!]a & ¬q0)) by (metis "KBasic:16" "&I" "vdash-properties:10")
6007      AOT_hence ¬([E!]a  ([A!]a & ¬q0))
6008        by (metis "RE◇" "≡E"(2) "oth-class-taut:5:d")
6009      AOT_thus ¬([E!]a  ([A!]a & ¬q0)) by (metis "KBasic:12" "≡E"(1) "raa-cor:3")
6010    qed
6011  qed
6012  ultimately AOT_obtain F6 where ¬𝒜[F6]b & Δ[F6]b & 𝒜[F6]a & ¬Δ[F6]a
6013    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6014  AOT_hence ¬𝒜[F6]b and Δ[F6]b and 𝒜[F6]a and ¬Δ[F6]a
6015    using "&E" by blast+
6016  note props = props this
6017
6018  let  = "«y [A!]y  [E!]y]»"
6019  AOT_modally_strict {
6020    AOT_have [«»] by "cqt:2[lambda]"
6021  } note 1 = this
6022  moreover AOT_have ¬𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & Δ[«»]a
6023  proof(safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
6024    AOT_show ¬𝒜([A!]b  [E!]b)
6025      using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_abs_b not_act_concrete_b "raa-cor:3" by blast
6026  next AOT_show Δ([A!]b  [E!]b)
6027    proof (rule not_act_and_pos_delta)
6028      AOT_show ¬𝒜([A!]b  [E!]b)
6029        using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_abs_b not_act_concrete_b "raa-cor:3" by blast
6030    next AOT_show ([A!]b  [E!]b)
6031        using "KBasic2:2" b_prop "&E"(1) "∨I"(2) "≡E"(2) by blast
6032    qed
6033  next AOT_show 𝒜([A!]a  [E!]a)
6034      by (meson "Act-Basic:9" act_abs_a "∨I"(1) "≡E"(2))
6035  next AOT_show Δ([A!]a  [E!]a)
6036    proof (rule nec_delta)
6037      AOT_show ([A!]a  [E!]a)
6038        by (metis "KBasic:15" act_abs_a act_and_not_nec_not_delta "Disjunction Addition"(1) delta_abs_a "raa-cor:3" "vdash-properties:10")
6039    qed
6040  qed
6041  ultimately AOT_obtain F7 where ¬𝒜[F7]b & Δ[F7]b & 𝒜[F7]a & Δ[F7]a
6042    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6043  AOT_hence ¬𝒜[F7]b and Δ[F7]b and 𝒜[F7]a and Δ[F7]a
6044    using "&E" by blast+
6045  note props = props this
6046
6047  let  = "«y [O!]y & ¬[E!]y]»"
6048  AOT_modally_strict {
6049    AOT_have [«»] by "cqt:2[lambda]"
6050  } note 1 = this
6051  moreover AOT_have 𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & ¬Δ[«»]a
6052  proof(safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
6053    AOT_show 𝒜([O!]b & ¬[E!]b)
6054      by (metis "Act-Basic:1" "Act-Basic:2" act_ord_b "&I" "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:3")
6055  next AOT_show ¬Δ([O!]b & ¬[E!]b)
6056      by (metis (no_types, hide_lams) "conventions:5" "Act-Sub:1" "RM:1" act_and_not_nec_not_delta "act-conj-act:3"
6057                act_ord_b b_prop "&I" "&E"(1) "Conjunction Simplification"(2) "df-rules-formulas[3]"
6058                "≡E"(3) "raa-cor:1" "→E")
6059  next AOT_show ¬𝒜([O!]a & ¬[E!]a)
6060      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_ord_a "raa-cor:3" by blast
6061  next AOT_have ¬([O!]a & ¬[E!]a)
6062      by (metis "KBasic2:3" "&E"(1) "≡E"(4) not_act_ord_a "oa-facts:3" "oa-facts:7" "raa-cor:3" "vdash-properties:10")
6063    AOT_thus ¬Δ([O!]a & ¬[E!]a)
6064      by (rule impossible_delta)
6065  qed      
6066  ultimately AOT_obtain F8 where 𝒜[F8]b & ¬Δ[F8]b & ¬𝒜[F8]a & ¬Δ[F8]a
6067    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6068  AOT_hence 𝒜[F8]b and ¬Δ[F8]b and ¬𝒜[F8]a and ¬Δ[F8]a
6069    using "&E" by blast+
6070  note props = props this
6071
6072  (* TODO_PLM: binary property 9 wrong in PLM *)
6073  let  = "«y ¬[E!]y & ([O!]y  q0)]»"
6074  AOT_modally_strict {
6075    AOT_have [«»] by "cqt:2[lambda]"
6076  } note 1 = this
6077  moreover AOT_have 𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
6078  proof(safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
6079    AOT_show 𝒜(¬[E!]b & ([O!]b  q0))
6080      by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_ord_b "&I" "∨I"(1)
6081                "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:1")
6082  next AOT_show ¬Δ(¬[E!]b & ([O!]b  q0))
6083    proof (rule act_and_pos_not_not_delta)
6084      AOT_show 𝒜(¬[E!]b & ([O!]b  q0))
6085        by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_ord_b "&I" "∨I"(1)
6086                  "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:1")
6087    next
6088      AOT_show ¬(¬[E!]b & ([O!]b  q0))
6089      proof (AOT_subst «¬(¬[E!]b & ([O!]b  q0))» «[E!]b  ¬([O!]b  q0)»)
6090        AOT_modally_strict {
6091          AOT_show ¬(¬[E!]b & ([O!]b  q0))  [E!]b  ¬([O!]b  q0)
6092            by (metis "&I" "&E"(1) "&E"(2) "∨I"(1) "∨I"(2) "∨E"(2) "deduction-theorem" "≡I" "reductio-aa:1")
6093        }
6094      next
6095        AOT_show ([E!]b  ¬([O!]b  q0))
6096          using "KBasic2:2" b_prop "&E"(1) "∨I"(1) "≡E"(3) "raa-cor:3" by blast
6097       qed
6098     qed
6099   next
6100     AOT_show ¬𝒜(¬[E!]a & ([O!]a  q0))
6101       using "Act-Basic:2" "Act-Basic:9" "&E"(2) "∨E"(3) "≡E"(1) not_act_ord_a not_act_q_zero "reductio-aa:2" by blast
6102   next
6103     AOT_show Δ(¬[E!]a & ([O!]a  q0))
6104     proof (rule not_act_and_pos_delta)
6105       AOT_show ¬𝒜(¬[E!]a & ([O!]a  q0))
6106         by (metis "Act-Basic:2" "Act-Basic:9" "&E"(2) "∨E"(3) "≡E"(1) not_act_ord_a not_act_q_zero "reductio-aa:2")
6107     next
6108       AOT_have ¬[E!]a
6109         using "KBasic2:1" "≡E"(2) not_act_and_pos_delta not_act_concrete_a not_delta_concrete_a "raa-cor:5" by blast
6110       moreover AOT_have ([O!]a  q0)
6111         by (metis "KBasic2:2" "&E"(1) "∨I"(2) "≡E"(3) q0_prop "raa-cor:3")
6112       ultimately AOT_show (¬[E!]a & ([O!]a  q0))
6113         by (metis "KBasic:16" "&I" "vdash-properties:10")
6114     qed
6115   qed
6116  ultimately AOT_obtain F9 where 𝒜[F9]b & ¬Δ[F9]b & ¬𝒜[F9]a & Δ[F9]a
6117    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6118  AOT_hence 𝒜[F9]b and ¬Δ[F9]b and ¬𝒜[F9]a and Δ[F9]a
6119    using "&E" by blast+
6120  note props = props this
6121
6122  AOT_modally_strict {
6123    AOT_have y ¬q0] by "cqt:2[lambda]"
6124  } note 1 = this
6125  moreover AOT_have 𝒜y ¬q0]b & ¬Δy ¬q0]b & 𝒜y ¬q0]a & ¬Δy ¬q0]a
6126    by (safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1]; auto simp: act_not_q_zero not_delta_not_q_zero)
6127  ultimately AOT_obtain F10 where 𝒜[F10]b & ¬Δ[F10]b & 𝒜[F10]a & ¬Δ[F10]a
6128    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6129  AOT_hence 𝒜[F10]b and ¬Δ[F10]b and 𝒜[F10]a and ¬Δ[F10]a
6130    using "&E" by blast+
6131  note props = props this
6132
6133  AOT_modally_strict {
6134    AOT_have y ¬[E!]y] by "cqt:2[lambda]"
6135  } note 1 = this
6136  moreover AOT_have 𝒜y ¬[E!]y]b & ¬Δy ¬[E!]y]b & 𝒜y ¬[E!]y]a & Δy ¬[E!]y]a
6137  proof (safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
6138    AOT_show 𝒜¬[E!]b
6139      using "Act-Basic:1" "∨E"(2) not_act_concrete_b by blast
6140  next AOT_show ¬Δ¬[E!]b
6141      using "≡dfE" "conventions:5" "Act-Basic:1" act_and_not_nec_not_delta b_prop "&E"(1) "∨E"(2) not_act_concrete_b by blast
6142  next AOT_show 𝒜¬[E!]a
6143      using "Act-Basic:1" "∨E"(2) not_act_concrete_a by blast
6144  next AOT_show Δ¬[E!]a
6145      using "KBasic2:1" "≡E"(2) nec_delta not_act_and_pos_delta not_act_concrete_a not_delta_concrete_a "reductio-aa:1" by blast
6146  qed
6147  ultimately AOT_obtain F11 where 𝒜[F11]b & ¬Δ[F11]b & 𝒜[F11]a & Δ[F11]a
6148    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6149  AOT_hence 𝒜[F11]b and ¬Δ[F11]b and 𝒜[F11]a and Δ[F11]a
6150    using "&E" by blast+
6151  note props = props this
6152
6153  AOT_have 𝒜[O!]b & Δ[O!]b & ¬𝒜[O!]a & ¬Δ[O!]a
6154    by (simp add: act_ord_b "&I" delta_ord_b not_act_ord_a not_delta_ord_a)
6155  then AOT_obtain F12 where 𝒜[F12]b & Δ[F12]b & ¬𝒜[F12]a & ¬Δ[F12]a
6156    using "oa-exist:1" "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6157  AOT_hence 𝒜[F12]b and Δ[F12]b and ¬𝒜[F12]a and ¬Δ[F12]a
6158    using "&E" by blast+
6159  note props = props this
6160
6161  let  = "«y [O!]y  q0]»"
6162  AOT_modally_strict {
6163    AOT_have [«»] by "cqt:2[lambda]"
6164  } note 1 = this
6165  moreover AOT_have 𝒜[«»]b & Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
6166  proof (safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
6167    AOT_show 𝒜([O!]b  q0)
6168      by (meson "Act-Basic:9" act_ord_b "∨I"(1) "≡E"(2))
6169  next AOT_show Δ([O!]b  q0)
6170      by (meson "KBasic:15" b_ord "∨I"(1) nec_delta "oa-facts:1" "vdash-properties:10")
6171  next AOT_show ¬𝒜([O!]a  q0)
6172      using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_ord_a not_act_q_zero "raa-cor:3" by blast
6173  next AOT_show Δ([O!]a  q0)
6174    proof (rule not_act_and_pos_delta)
6175      AOT_show ¬𝒜([O!]a  q0)
6176        using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_ord_a not_act_q_zero "raa-cor:3" by blast
6177    next AOT_show ([O!]a  q0)
6178        using "KBasic2:2" "&E"(1) "∨I"(2) "≡E"(2) q0_prop by blast
6179    qed
6180  qed
6181  ultimately AOT_obtain F13 where 𝒜[F13]b & Δ[F13]b & ¬𝒜[F13]a & Δ[F13]a
6182    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6183  AOT_hence 𝒜[F13]b and Δ[F13]b and ¬𝒜[F13]a and Δ[F13]a
6184    using "&E" by blast+
6185  note props = props this
6186
6187  let  = "«y [O!]y  ¬q0]»"
6188  AOT_modally_strict {
6189     AOT_have [«»] by "cqt:2[lambda]"
6190  } note 1 = this
6191  moreover AOT_have 𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
6192  proof (safe intro!: "&I"; AOT_subst_using subst: "beta-C-meta"[THEN "→E", OF 1])
6193    AOT_show 𝒜([O!]b  ¬q0)
6194      by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
6195  next AOT_show Δ([O!]b  ¬q0)
6196      by (meson "KBasic:15" b_ord "∨I"(1) nec_delta "oa-facts:1" "vdash-properties:10")
6197  next AOT_show 𝒜([O!]a  ¬q0)
6198      by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
6199  next AOT_show ¬Δ([O!]a  ¬q0)
6200    proof(rule act_and_pos_not_not_delta)
6201      AOT_show 𝒜([O!]a  ¬q0)
6202        by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
6203    next
6204      AOT_have ¬[O!]a
6205        using "KBasic2:1" "≡E"(2) not_act_and_pos_delta not_act_ord_a not_delta_ord_a "raa-cor:6" by blast
6206      moreover AOT_have q0
6207        by (meson "&E"(1) q0_prop)
6208      ultimately AOT_have 2: (¬[O!]a & q0)
6209         by (metis "KBasic:16" "&I" "vdash-properties:10")
6210      AOT_show ¬([O!]a  ¬q0)
6211      proof (AOT_subst_rev «¬[O!]a & q0» «¬([O!]a  ¬q0)»)
6212        AOT_modally_strict {
6213          AOT_show ¬[O!]a & q0  ¬([O!]a  ¬q0)
6214            by (metis "&I" "&E"(1) "&E"(2) "∨I"(1) "∨I"(2)
6215                      "∨E"(3) "deduction-theorem" "≡I" "raa-cor:3")
6216        }
6217      next
6218        AOT_show (¬[O!]a & q0)
6219          using "2" by blast
6220      qed
6221    qed
6222  qed
6223  ultimately AOT_obtain F14 where 𝒜[F14]b & Δ[F14]b & 𝒜[F14]a & ¬Δ[F14]a
6224    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6225  AOT_hence 𝒜[F14]b and Δ[F14]b and 𝒜[F14]a and ¬Δ[F14]a
6226    using "&E" by blast+
6227  note props = props this
6228
6229  AOT_have [L]
6230    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6231  moreover AOT_have 𝒜[L]b & Δ[L]b & 𝒜[L]a & Δ[L]a
6232  proof (safe intro!: "&I")
6233    AOT_show 𝒜[L]b
6234      by (meson nec_L "nec-imp-act" "vdash-properties:10")
6235    next AOT_show Δ[L]b using nec_L nec_delta by blast
6236    next AOT_show 𝒜[L]a by (meson nec_L "nec-imp-act" "vdash-properties:10")
6237    next AOT_show Δ[L]a using nec_L nec_delta by blast
6238  qed
6239  ultimately AOT_obtain F15 where 𝒜[F15]b & Δ[F15]b & 𝒜[F15]a & Δ[F15]a
6240    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6241  AOT_hence 𝒜[F15]b and Δ[F15]b and 𝒜[F15]a and Δ[F15]a
6242    using "&E" by blast+
6243  note props = props this
6244
6245  show ?thesis
6246    by (rule "∃I"(2)[where β=F0]; rule "∃I"(2)[where β=F1]; rule "∃I"(2)[where β=F2];
6247           rule "∃I"(2)[where β=F3]; rule "∃I"(2)[where β=F4]; rule "∃I"(2)[where β=F5];
6248           rule "∃I"(2)[where β=F6]; rule "∃I"(2)[where β=F7]; rule "∃I"(2)[where β=F8];
6249           rule "∃I"(2)[where β=F9]; rule "∃I"(2)[where β=F10]; rule "∃I"(2)[where β=F11];
6250           rule "∃I"(2)[where β=F12]; rule "∃I"(2)[where β=F13]; rule "∃I"(2)[where β=F14];
6251           rule "∃I"(2)[where β=F15]; safe intro!: "&I")
6252       (match conclusion in "[?v  [F]  [G]]" for F G  6253        match props in A: "[?v  ¬φ{F}]" for φ 6254        match (φ) in "λa . ?p" fail¦ "λa . a" fail¦ _ 6255        match props in B: "[?v  φ{G}]" 6256        fact "pos-not-equiv-ne:4"[where F=F and G=G and φ=φ, THEN "→E",
6257                                OF "oth-class-taut:4:h"[THEN "≡E"(2)],
6258                                OF "Disjunction Addition"(2)[THEN "→E"],
6259                                OF "&I", OF A, OF B]››››)+
6260qed
6261
6262AOT_theorem "o-objects-exist:1": x O!x
6263proof(rule RN)
6264  AOT_modally_strict {
6265    AOT_obtain a where (E!a & ¬𝒜[E!]a)
6266      using "∃E"[rotated, OF "qml:4"[axiom_inst, THEN "BF◇"[THEN "→E"]]] by blast
6267    AOT_hence 1: E!a by (metis "KBasic2:3" "&E"(1) "→E")
6268    AOT_have x [E!]x]a
6269    proof (rule "β←C"(1); "cqt:2[lambda]"?)
6270      AOT_show a using "cqt:2[const_var]"[axiom_inst] by blast
6271    next
6272      AOT_show E!a by (fact 1)
6273    qed
6274    AOT_hence O!a by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
6275    AOT_thus x [O!]x by (rule "∃I")
6276  }
6277qed
6278
6279AOT_theorem "o-objects-exist:2": x A!x
6280proof (rule RN)
6281  AOT_modally_strict {
6282    AOT_obtain a where [A!]a
6283      using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
6284    AOT_thus x A!x using "∃I" by blast
6285  }
6286qed
6287
6288AOT_theorem "o-objects-exist:3": ¬x O!x
6289  by (rule RN) (metis (no_types, hide_lams) "∃E" "cqt-orig:1[const_var]" "≡E"(4) "modus-tollens:1" "o-objects-exist:2" "oa-contingent:2" "qml:2"[axiom_inst] "reductio-aa:2")
6290
6291AOT_theorem "o-objects-exist:4": ¬x A!x
6292  by (rule RN) (metis (mono_tags, hide_lams) "∃E" "cqt-orig:1[const_var]" "≡E"(1) "modus-tollens:1" "o-objects-exist:1" "oa-contingent:2" "qml:2"[axiom_inst] "→E")
6293
6294AOT_theorem "o-objects-exist:5": ¬x E!x
6295proof (rule RN; rule "raa-cor:2")
6296  AOT_modally_strict {
6297    AOT_assume x E!x
6298    moreover AOT_obtain a where abs: A!a
6299      using "o-objects-exist:2"[THEN "qml:2"[axiom_inst, THEN "→E"]] "∃E"[rotated] by blast
6300    ultimately AOT_have E!a using "∀E" by blast
6301    AOT_hence 1: E!a by (metis "T◇" "→E")
6302    AOT_have y E!y]a
6303    proof (rule "β←C"(1); "cqt:2[lambda]"?)
6304      AOT_show a using "cqt:2[const_var]"[axiom_inst].
6305    next
6306      AOT_show E!a by (fact 1)
6307    qed
6308    AOT_hence O!a
6309      by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
6310    AOT_hence ¬A!a by (metis "≡E"(1) "oa-contingent:2") 
6311    AOT_thus p & ¬p for p using abs by (metis "raa-cor:3")
6312  }
6313qed
6314
6315AOT_theorem partition: ¬x (O!x & A!x)
6316proof(rule "raa-cor:2")
6317  AOT_assume x (O!x & A!x)
6318  then AOT_obtain a where O!a & A!a using "∃E"[rotated] by blast
6319  AOT_thus p & ¬p for p by (metis "&E"(1) "Conjunction Simplification"(2) "≡E"(1) "modus-tollens:1" "oa-contingent:2" "raa-cor:3")
6320qed
6321
6322AOT_define eq_E :: ‹Π› ("'(=E')") "=E": (=E) =df xy O!x & O!y & F ([F]x  [F]y)]
6323
6324syntax "_AOT_eq_E_infix" :: ‹τ  τ  φ› (infixl "=E" 50)
6325translations
6326  "_AOT_eq_E_infix κ κ'" == "CONST AOT_exe (CONST eq_E) (CONST Pair κ κ')"
6327(* TODO: try to replace by a simple translations pattern *)
6328print_translation6329AOT_syntax_print_translations
6330[(const_syntax‹AOT_exe›, fn ctxt => fn [
6331  Const ("constAOT_PLM.eq_E", _),
6332  Const (const_syntax‹Pair›, _) $ lhs $ rhs
6333] => Const (syntax_const‹_AOT_eq_E_infix›, dummyT) $ lhs $ rhs)]
6334
6335text‹Note: Not explicitly mentioned as theorem in PLM.›
6336AOT_theorem "=E[denotes]": [(=E)]
6337  by (rule "=dfI"(2)[OF "=E"]) "cqt:2[lambda]"+
6338
6339AOT_theorem "=E-simple:1": x =E y  (O!x & O!y & F ([F]x  [F]y))
6340proof -
6341  (* TODO: rethink the product hacks *)
6342  AOT_have 0: «(AOT_term_of_var x,AOT_term_of_var y)»
6343    by (simp add: "&I" "cqt:2[const_var]" prod_denotesI "vdash-properties:1[2]")
6344  AOT_have 1: xy [O!]x & [O!]y & F ([F]x  [F]y)] by "cqt:2[lambda]"
6345  show ?thesis apply (rule "=dfI"(2)[OF "=E"]; "cqt:2[lambda]"?)
6346    using "beta-C-meta"[THEN "→E", OF 1, unvarify ν1νn, of "(AOT_term_of_var x,AOT_term_of_var y)", OF 0]
6347    by fast
6348qed
6349
6350AOT_theorem "=E-simple:2": x =E y  x = y
6351proof (rule "→I")
6352  AOT_assume x =E y
6353  AOT_hence O!x & O!y & F ([F]x  [F]y) using "=E-simple:1"[THEN "≡E"(1)] by blast
6354  AOT_thus x = y
6355    using "≡dfI"[OF "identity:1"] "∨I" by blast
6356qed
6357
6358AOT_theorem "id-nec3:1": x =E y  (x =E y)
6359proof (rule "≡I"; rule "→I")
6360  AOT_assume x =E y
6361  AOT_hence O!x & O!y & F ([F]x  [F]y)
6362    using "=E-simple:1" "≡E" by blast
6363  AOT_hence O!x & O!y & F ([F]x  [F]y)
6364    by (metis "S5Basic:6" "&I" "&E"(1) "&E"(2) "≡E"(4) "oa-facts:1" "raa-cor:3" "vdash-properties:10")
6365  AOT_hence 1: (O!x & O!y & F ([F]x  [F]y))
6366    by (metis "&E"(1) "&E"(2) "≡E"(2) "KBasic:3" "&I")
6367  AOT_show (x =E y)
6368    apply (AOT_subst «x =E y» «O!x & O!y & F ([F]x  [F]y)»)
6369     using "=E-simple:1" apply presburger
6370    by (simp add: "1")
6371next
6372  AOT_assume (x =E y)
6373  AOT_thus x =E y using "qml:2"[axiom_inst, THEN "→E"] by blast
6374qed
6375
6376AOT_theorem "id-nec3:2": (x =E y)  x =E y
6377  by (meson "RE◇" "S5Basic:2" "id-nec3:1" "≡E"(1) "≡E"(5) "Commutativity of ≡")
6378
6379AOT_theorem "id-nec3:3": (x =E y)  (x =E y)
6380  by (meson "id-nec3:1" "id-nec3:2" "≡E"(5))
6381
6382syntax "_AOT_non_eq_E" :: ‹Π› ("'(≠E')")
6383translations
6384  (Π) "(≠E)" == (Π) "(=E)-"
6385syntax "_AOT_non_eq_E_infix" :: ‹τ  τ  φ› (infixl "E" 50)
6386translations
6387 "_AOT_non_eq_E_infix κ κ'" == "CONST AOT_exe (CONST relation_negation (CONST eq_E)) (CONST Pair κ κ')"
6388(* TODO: try replacing be a simple translations pattern *)
6389print_translation6390AOT_syntax_print_translations
6391[(const_syntax‹AOT_exe›, fn ctxt => fn [
6392  Const (const_syntax‹relation_negation›, _) $ Const ("constAOT_PLM.eq_E", _),
6393  Const (const_syntax‹Pair›, _) $ lhs $ rhs
6394] => Const (syntax_const‹_AOT_non_eq_E_infix›, dummyT) $ lhs $ rhs)]
6395AOT_theorem "thm-neg=E": x E y  ¬(x =E y)
6396proof -
6397  (* TODO: rethink the product hacks *)
6398  AOT_have 0: «(AOT_term_of_var x,AOT_term_of_var y)»
6399    by (simp add: "&I" "cqt:2[const_var]" prod_denotesI "vdash-properties:1[2]")
6400  AOT_have θ: x1...x2 ¬(=E)x1...x2] by "cqt:2[lambda]" (* TODO_PLM: convoluted proof in PLM; TODO: product hack *)
6401  AOT_have x E y  x1...x2 ¬(=E)x1...x2]xy
6402    by (rule "=dfI"(1)[OF "df-relation-negation", OF θ])
6403       (meson "oth-class-taut:3:a")
6404  also AOT_have   ¬(=E)xy
6405    apply (rule "beta-C-meta"[THEN "→E", unvarify ν1νn])
6406     apply "cqt:2[lambda]"
6407    by (fact 0)
6408  finally show ?thesis.
6409qed
6410
6411AOT_theorem "id-nec4:1": x E y  (x E y)
6412proof -
6413  AOT_have x E y  ¬(x =E y) using "thm-neg=E".
6414  also AOT_have   ¬(x =E y)
6415    by (meson "id-nec3:2" "≡E"(1) "Commutativity of ≡" "oth-class-taut:4:b")
6416  also AOT_have   ¬(x =E y)
6417    by (meson "KBasic2:1" "≡E"(2) "Commutativity of ≡")
6418  also AOT_have   (x E y)
6419    by (AOT_subst_rev "«x E y»" "«¬(x =E y)»")
6420       (auto simp: "thm-neg=E" "oth-class-taut:3:a")
6421  finally show ?thesis.
6422qed
6423
6424AOT_theorem "id-nec4:2": (x E y)  (x E y)
6425  by (meson "RE◇" "S5Basic:2" "id-nec4:1" "≡E"(2) "≡E"(5) "Commutativity of ≡")
6426
6427AOT_theorem "id-nec4:3": (x E y)  (x E y)
6428  by (meson "id-nec4:1" "id-nec4:2" "≡E"(5))
6429
6430AOT_theorem "id-act2:1": x =E y  𝒜x =E y
6431  by (meson "Act-Basic:5" "Act-Sub:2" "RA[2]" "id-nec3:2" "≡E"(1) "≡E"(6))
6432AOT_theorem "id-act2:2": x E y  𝒜x E y
6433  by (meson "Act-Basic:5" "Act-Sub:2" "RA[2]" "id-nec4:2" "≡E"(1) "≡E"(6))
6434
6435AOT_theorem "ord=Eequiv:1": O!x  x =E x
6436proof (rule "→I")
6437  AOT_assume 1: O!x
6438  AOT_show x =E x
6439    apply (rule "=dfI"(2)[OF "=E"]) apply "cqt:2[lambda]"
6440    apply (rule "β←C"(1))
6441      apply "cqt:2[lambda]"
6442     apply (simp add: "&I" "cqt:2[const_var]" prod_denotesI "vdash-properties:1[2]")
6443    by (simp add: "1" RN "&I" "oth-class-taut:3:a" "universal-cor")
6444qed
6445
6446AOT_theorem "ord=Eequiv:2": x =E y  y =E x
6447proof(rule CP)
6448  AOT_assume 1: x =E y
6449  AOT_hence 2: x = y by (metis "=E-simple:2" "vdash-properties:10") 
6450  AOT_have O!x using 1 by (meson "&E"(1) "=E-simple:1" "≡E"(1))
6451  AOT_hence x =E x using "ord=Eequiv:1" "→E" by blast
6452  AOT_thus y =E x using "rule=E"[rotated, OF 2] by fast
6453qed
6454
6455AOT_theorem "ord=Eequiv:3": (x =E y & y =E z)  x =E z
6456proof (rule CP)
6457  AOT_assume 1: x =E y & y =E z
6458  AOT_hence x = y & y = z
6459    by (metis "&I" "&E"(1) "&E"(2) "=E-simple:2" "vdash-properties:6")
6460  AOT_hence x = z by (metis "id-eq:3" "vdash-properties:6")
6461  moreover AOT_have x =E x
6462    using 1[THEN "&E"(1)] "&E"(1) "=E-simple:1" "≡E"(1) "ord=Eequiv:1" "→E" by blast
6463  ultimately AOT_show x =E z
6464    using "rule=E" by fast
6465qed
6466
6467AOT_theorem "ord-=E=:1": (O!x  O!y)  (x = y  x =E y)
6468proof(rule CP)
6469  AOT_assume O!x  O!y
6470  moreover {
6471    AOT_assume O!x
6472    AOT_hence O!x by (metis "oa-facts:1" "vdash-properties:10")
6473    moreover {
6474      AOT_modally_strict {
6475        AOT_have O!x  (x = y  x =E y)
6476        proof (rule "→I"; rule "≡I"; rule "→I")
6477          AOT_assume O!x
6478          AOT_hence x =E x by (metis "ord=Eequiv:1" "→E")
6479          moreover AOT_assume x = y
6480          ultimately AOT_show x =E y using "rule=E" by fast
6481        next
6482          AOT_assume x =E y
6483          AOT_thus x = y by (metis "=E-simple:2" "→E")
6484        qed
6485      }
6486      AOT_hence O!x  (x = y  x =E y) by (metis "RM:1")
6487    }
6488    ultimately AOT_have (x = y  x =E y) using "→E" by blast
6489  }
6490  moreover {
6491    AOT_assume O!y
6492    AOT_hence O!y by (metis "oa-facts:1" "vdash-properties:10")
6493    moreover {
6494      AOT_modally_strict {
6495        AOT_have O!y  (x = y  x =E y)
6496        proof (rule "→I"; rule "≡I"; rule "→I")
6497          AOT_assume O!y
6498          AOT_hence y =E y by (metis "ord=Eequiv:1" "→E")
6499          moreover AOT_assume x = y
6500          ultimately AOT_show x =E y using "rule=E" id_sym by fast
6501        next
6502          AOT_assume x =E y
6503          AOT_thus x = y by (metis "=E-simple:2" "→E")
6504        qed
6505      }
6506      AOT_hence O!y  (x = y  x =E y) by (metis "RM:1")
6507    }
6508    ultimately AOT_have (x = y  x =E y) using "→E" by blast
6509  }
6510  ultimately AOT_show (x = y  x =E y) by (metis "∨E"(3) "raa-cor:1")
6511qed
6512
6513AOT_theorem "ord-=E=:2": O!y  x x = y]
6514proof (rule "→I"; rule "safe-ext"[axiom_inst, THEN "→E"]; rule "&I")
6515  AOT_show x x =E y] by "cqt:2[lambda]"
6516next
6517  AOT_assume O!y
6518  AOT_hence 1: (x = y  x =E y) for x using "ord-=E=:1" "→E" "∨I" by blast
6519  AOT_have (x =E y  x = y) for x
6520    by (AOT_subst «x =E y  x = y» «x = y  x =E y»)
6521       (auto simp add: "Commutativity of ≡" 1)
6522  AOT_hence x (x =E y  x = y) by (rule GEN)
6523  AOT_thus x (x =E y  x = y) by (rule BF[THEN "→E"])
6524qed
6525
6526
6527AOT_theorem "ord-=E=:3": xy O!x & O!y & x = y]
6528proof (rule "safe-ext[2]"[axiom_inst, THEN "→E"]; rule "&I")
6529  AOT_show xy O!x & O!y & x =E y] by "cqt:2[lambda]"
6530next
6531  AOT_show xy ([O!]x & [O!]y & x =E y  [O!]x & [O!]y & x = y)
6532  proof (rule RN; rule GEN; rule GEN; rule "≡I"; rule "→I")
6533    AOT_modally_strict {
6534      AOT_show [O!]x & [O!]y & x = y if [O!]x & [O!]y & x =E y for x y
6535        by (metis "&I" "&E"(1) "Conjunction Simplification"(2) "=E-simple:2"
6536                  "modus-tollens:1" "raa-cor:1" that)
6537    }
6538  next
6539    AOT_modally_strict {
6540      AOT_show [O!]x & [O!]y & x =E y if [O!]x & [O!]y & x = y for x y
6541        apply(safe intro!: "&I")
6542          apply (metis that[THEN "&E"(1), THEN "&E"(1)])
6543         apply (metis that[THEN "&E"(1), THEN "&E"(2)])
6544        using "rule=E"[rotated, OF that[THEN "&E"(2)]]
6545              "ord=Eequiv:1"[THEN "→E", OF that[THEN "&E"(1), THEN "&E"(1)]] by fast
6546    }
6547  qed
6548qed
6549
6550AOT_theorem "ind-nec": F ([F]x  [F]y)  F ([F]x  [F]y)
6551proof(rule "→I")
6552  AOT_assume F ([F]x  [F]y)
6553  moreover AOT_have x F ([F]x  [F]y)] by "cqt:2[lambda]"
6554  ultimately AOT_have x F ([F]x  [F]y)]x  x F ([F]x  [F]y)]y
6555    using "∀E" by blast
6556  moreover AOT_have x F ([F]x  [F]y)]y
6557    apply (rule "β←C"(1))
6558      apply "cqt:2[lambda]"
6559     apply (fact "cqt:2[const_var]"[axiom_inst])
6560    by (simp add: RN GEN "oth-class-taut:3:a")
6561  ultimately AOT_have x F ([F]x  [F]y)]x using "≡E" by blast
6562  AOT_thus F ([F]x  [F]y)
6563    using "β→C"(1) by blast
6564qed
6565
6566AOT_theorem "ord=E:1": (O!x & O!y)  (F ([F]x  [F]y)  x =E y)
6567proof (rule "→I"; rule "→I")
6568  AOT_assume F ([F]x  [F]y)
6569  AOT_hence F ([F]x  [F]y)
6570    using "ind-nec"[THEN "→E"] by blast
6571  moreover AOT_assume O!x & O!y
6572  ultimately AOT_have O!x & O!y & F ([F]x  [F]y)
6573    using "&I" by blast
6574  AOT_thus x =E y using "=E-simple:1"[THEN "≡E"(2)] by blast
6575qed
6576
6577AOT_theorem "ord=E:2": (O!x & O!y)  (F ([F]x  [F]y)  x = y)
6578proof (rule "→I"; rule "→I")
6579  AOT_assume O!x & O!y
6580  moreover AOT_assume F ([F]x  [F]y)
6581  ultimately AOT_have x =E y
6582    using "ord=E:1" "→E" by blast
6583  AOT_thus x = y using "=E-simple:2"[THEN "→E"] by blast
6584qed
6585
6586AOT_theorem "ord=E2:1": (O!x & O!y)  (x  y  z z =E x]  z z =E y])
6587proof (rule "→I"; rule "≡I"; rule "→I"; rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
6588  AOT_assume 0: O!x & O!y
6589  AOT_assume x  y
6590  AOT_hence 1: ¬(x = y) using "≡dfE"[OF "=-infix"] by blast
6591  AOT_assume z z =E x] = z z =E y]
6592  moreover AOT_have z z =E x]x
6593    apply (rule "β←C"(1))
6594      apply "cqt:2[lambda]"
6595     apply (fact "cqt:2[const_var]"[axiom_inst])
6596    using "ord=Eequiv:1"[THEN "→E", OF 0[THEN "&E"(1)]].
6597  ultimately AOT_have z z =E y]x using "rule=E" by fast
6598  AOT_hence x =E y using "β→C"(1) by blast
6599  AOT_hence x = y by (metis "=E-simple:2" "vdash-properties:6")
6600  AOT_thus x = y & ¬(x = y) using 1 "&I" by blast
6601next
6602  AOT_assume z z =E x]  z z =E y]
6603  AOT_hence 0: ¬(z z =E x] = z z =E y]) using "≡dfE"[OF "=-infix"] by blast
6604  AOT_have z z =E x] by "cqt:2[lambda]"
6605  AOT_hence z z =E x] = z z =E x]
6606    by (metis "rule=I:1")
6607  moreover AOT_assume x = y
6608  ultimately AOT_have z z =E x] = z z =E y]
6609    using "rule=E" by fast
6610  AOT_thus z z =E x] = z z =E y] & ¬(z z =E x] = z z =E y])
6611    using 0 "&I" by blast
6612qed
6613
6614AOT_theorem "ord=E2:2": (O!x & O!y)  (x  y  z z = x]  z z = y])
6615proof (rule "→I"; rule "≡I"; rule "→I"; rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
6616  AOT_assume 0: O!x & O!y
6617  AOT_assume x  y
6618  AOT_hence 1: ¬(x = y) using "≡dfE"[OF "=-infix"] by blast
6619  AOT_assume z z = x] = z z = y]
6620  moreover AOT_have z z = x]x
6621    apply (rule "β←C"(1))
6622    apply (fact "ord-=E=:2"[THEN "→E", OF 0[THEN "&E"(1)]])
6623     apply (fact "cqt:2[const_var]"[axiom_inst])
6624    by (simp add: "id-eq:1")
6625  ultimately AOT_have z z = y]x using "rule=E" by fast
6626  AOT_hence x = y using "β→C"(1) by blast
6627  AOT_thus x = y & ¬(x = y) using 1 "&I" by blast
6628next
6629  AOT_assume 0: O!x & O!y
6630  AOT_assume z z = x]  z z = y]
6631  AOT_hence 1: ¬(z z = x] = z z = y]) using "≡dfE"[OF "=-infix"] by blast
6632  AOT_have z z = x] by (fact "ord-=E=:2"[THEN "→E", OF 0[THEN "&E"(1)]])
6633  AOT_hence z z = x] = z z = x]
6634    by (metis "rule=I:1")
6635  moreover AOT_assume x = y
6636  ultimately AOT_have z z = x] = z z = y]
6637    using "rule=E" by fast
6638  AOT_thus z z = x] = z z = y] & ¬(z z = x] = z z = y])
6639    using 1 "&I" by blast
6640qed
6641
6642AOT_theorem ordnecfail: O!x  ¬F x[F]
6643  by (meson "RM:1" "deduction-theorem" nocoder "oa-facts:1" "vdash-properties:10" "vdash-properties:1[2]")
6644
6645AOT_theorem "ab-obey:1": (A!x & A!y)  (F (x[F]  y[F])  x = y)
6646proof (rule "→I"; rule "→I")
6647  AOT_assume 1: A!x & A!y
6648  AOT_assume F (x[F]  y[F])
6649  AOT_hence x[F]  y[F] for F using "∀E" by blast
6650  AOT_hence (x[F]  y[F]) for F by (metis "en-eq:6[1]" "≡E"(1))
6651  AOT_hence F (x[F]  y[F]) by (rule GEN)
6652  AOT_hence F (x[F]  y[F]) by (rule BF[THEN "→E"])
6653  AOT_thus x = y
6654    using "≡dfI"[OF "identity:1", OF "∨I"(2)] 1 "&I" by blast
6655qed
6656
6657AOT_theorem "ab-obey:2": (F (x[F] & ¬y[F])  F (y[F] & ¬x[F]))  x  y
6658proof (rule "→I"; rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
6659  AOT_assume 1: x = y
6660  AOT_assume F (x[F] & ¬y[F])  F (y[F] & ¬x[F])
6661  moreover {
6662    AOT_assume F (x[F] & ¬y[F])
6663    then AOT_obtain F where x[F] & ¬y[F] using "∃E"[rotated] by blast
6664    moreover AOT_have y[F] using calculation[THEN "&E"(1)] 1 "rule=E" by fast
6665    ultimately AOT_have p & ¬p for p by (metis "Conjunction Simplification"(2) "modus-tollens:2" "raa-cor:3")
6666  }
6667  moreover {
6668    AOT_assume F (y[F] & ¬x[F])
6669    then AOT_obtain F where y[F] & ¬x[F] using "∃E"[rotated] by blast
6670    moreover AOT_have ¬y[F] using calculation[THEN "&E"(2)] 1 "rule=E" by fast
6671    ultimately AOT_have p & ¬p for p by (metis "Conjunction Simplification"(1) "modus-tollens:1" "raa-cor:3")
6672  }
6673  ultimately AOT_show p & ¬p for p by (metis "∨E"(3) "raa-cor:1")
6674qed
6675
6676AOT_theorem "encoders-are-abstract": F x[F]  A!x
6677  by (meson "deduction-theorem" "≡E"(2) "modus-tollens:2" nocoder
6678            "oa-contingent:3" "vdash-properties:1[2]")
6679
6680AOT_theorem "denote=:1": Hx x[H]
6681  by (rule GEN; rule "existence:2[1]"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6682
6683AOT_theorem "denote=:2": Gx1...∃xn x1...xn[H]
6684  by (rule GEN; rule "existence:2"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6685
6686AOT_theorem "denote=:2[2]": Gx1x2 x1x2[H]
6687  by (rule GEN; rule "existence:2[2]"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6688
6689AOT_theorem "denote=:2[3]": Gx1x2x3 x1x2x3[H]
6690  by (rule GEN; rule "existence:2[3]"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6691
6692AOT_theorem "denote=:2[4]": Gx1x2x3x4 x1x2x3x4[H]
6693  by (rule GEN; rule "existence:2[4]"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6694
6695AOT_theorem "denote=:3": x x[Π]  H (H = Π)
6696  using "existence:2[1]" "free-thms:1" "≡E"(2) "≡E"(5) "Commutativity of ≡" "≡Df" by blast
6697
6698AOT_theorem "denote=:4": (x1...∃xn x1...xn[Π])  H (H = Π)
6699  using "existence:2" "free-thms:1" "≡E"(6) "≡Df" by blast
6700
6701AOT_theorem "denote=:4[2]": (x1x2 x1x2[Π])  H (H = Π)
6702  using "existence:2[2]" "free-thms:1" "≡E"(6) "≡Df" by blast
6703
6704AOT_theorem "denote=:4[3]": (x1x2x3 x1x2x3[Π])  H (H = Π)
6705  using "existence:2[3]" "free-thms:1" "≡E"(6) "≡Df" by blast
6706
6707AOT_theorem "denote=:4[4]": (x1x2x3x4 x1x2x3x4[Π])  H (H = Π)
6708  using "existence:2[4]" "free-thms:1" "≡E"(6) "≡Df" by blast
6709
6710AOT_theorem "A-objects!": ∃!x (A!x & F (x[F]  φ{F}))
6711proof (rule "uniqueness:1"[THEN "≡dfI"])
6712  AOT_obtain a where a_prop: A!a & F (a[F]  φ{F})
6713    using "A-objects"[axiom_inst] "∃E"[rotated] by blast
6714  AOT_have (A!β & F (β[F]  φ{F}))  β = a for β
6715  proof (rule "→I")
6716    AOT_assume β_prop: [A!]β & F (β[F]  φ{F})
6717    AOT_hence β[F]  φ{F} for F using "∀E" "&E" by blast
6718    AOT_hence β[F]  a[F] for F
6719      using a_prop[THEN "&E"(2)] "∀E" "≡E"(2) "≡E"(5) "Commutativity of ≡" by fast
6720    AOT_hence F (β[F]  a[F]) by (rule GEN)
6721    AOT_thus β = a
6722      using "ab-obey:1"[THEN "→E", OF "&I"[OF β_prop[THEN "&E"(1)], OF a_prop[THEN "&E"(1)]], THEN "→E"] by blast
6723  qed
6724  AOT_hence β ((A!β & F (β[F]  φ{F}))  β = a) by (rule GEN)
6725  AOT_thus α ([A!]α & F (α[F]  φ{F}) & β ([A!]β & F (β[F]  φ{F})  β = α))
6726    using "∃I" using a_prop "&I" by fast
6727qed
6728
6729AOT_theorem "obj-oth:1": ∃!x (A!x & F (x[F]  [F]y))
6730  using "A-objects!" by fast
6731
6732AOT_theorem "obj-oth:2": ∃!x (A!x & F (x[F]  [F]y & [F]z))
6733  using "A-objects!" by fast
6734
6735AOT_theorem "obj-oth:3": ∃!x (A!x & F (x[F]  [F]y  [F]z))
6736  using "A-objects!" by fast
6737
6738AOT_theorem "obj-oth:4": ∃!x (A!x & F (x[F]  [F]y))
6739  using "A-objects!" by fast
6740
6741AOT_theorem "obj-oth:5": ∃!x (A!x & F (x[F]  F = G))
6742  using "A-objects!" by fast
6743
6744AOT_theorem "obj-oth:6": ∃!x (A!x & F (x[F]  y([G]y  [F]y)))
6745  using "A-objects!" by fast
6746
6747AOT_theorem "A-descriptions": ιx (A!x & F (x[F]  φ{F}))
6748  by (rule "A-Exists:2"[THEN "≡E"(2)]; rule "RA[2]"; rule "A-objects!")
6749
6750AOT_act_theorem "thm-can-terms2": y = ιx(A!x & F (x[F]  φ{F}))  (A!y & F (y[F]  φ{F}))
6751  using "y-in:2" by blast
6752
6753AOT_theorem "can-ab2": y = ιx(A!x & F (x[F]  φ{F}))   A!y
6754proof(rule "→I")
6755  AOT_assume y = ιx(A!x & F (x[F]  φ{F}))
6756  AOT_hence 𝒜(A!y & F (y[F]  φ{F}))
6757    using "actual-desc:2"[THEN "→E"] by blast
6758  AOT_hence 𝒜A!y by (metis "Act-Basic:2" "&E"(1) "≡E"(1))
6759  AOT_thus A!y by (metis "≡E"(2) "oa-facts:8")
6760qed
6761
6762AOT_act_theorem "desc-encode:1": ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
6763proof -
6764  AOT_have ιx(A!x & F (x[F]  φ{F}))
6765    by (simp add: "A-descriptions")
6766  AOT_hence A!ιx(A!x & F (x[F]  φ{F})) & F (ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
6767    using "y-in:3"[THEN "→E"] by blast
6768  AOT_thus ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
6769    using "&E" "∀E" by blast
6770qed
6771
6772AOT_act_theorem "desc-encode:2": ιx(A!x & F (x[F]  φ{F}))[G]  φ{G}
6773  using "desc-encode:1".
6774
6775AOT_theorem "desc-nec-encode:1": ιx (A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
6776proof -
6777  AOT_have 0: ιx(A!x & F (x[F]  φ{F}))
6778    by (simp add: "A-descriptions")
6779  AOT_hence 𝒜(A!ιx(A!x & F (x[F]  φ{F})) & F (ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}))
6780    using "actual-desc:4"[THEN "→E"] by blast
6781  AOT_hence 𝒜F (ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
6782    using "Act-Basic:2" "&E"(2) "≡E"(1) by blast
6783  AOT_hence F 𝒜(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
6784    using "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]" by blast
6785  AOT_hence 𝒜(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
6786    using "∀E" by blast
6787  AOT_hence 𝒜ιx(A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
6788    using "Act-Basic:5" "≡E"(1) by blast
6789  AOT_thus ιx(A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
6790    using "en-eq:10[1]"[unvarify x1, OF 0] "≡E"(6) by blast
6791qed
6792
6793AOT_theorem "desc-nec-encode:2": ιx (A!x & F (x[F]  φ{F}))[G]  𝒜φ{G}
6794  using "desc-nec-encode:1".
6795
6796AOT_theorem "Box-desc-encode:1": φ{G}  ιx(A!x & F (x[F]  φ{G}))[G]
6797  by (rule "→I"; rule "desc-nec-encode:2"[THEN "≡E"(2)])
6798     (meson "nec-imp-act" "vdash-properties:10")
6799
6800AOT_theorem "Box-desc-encode:2": φ{G}  (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
6801proof(rule CP)
6802  AOT_assume φ{G}
6803  AOT_hence φ{G} by (metis "S5Basic:6" "≡E"(1))
6804  moreover AOT_have φ{G}  (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
6805  proof (rule RM; rule "→I")
6806    AOT_modally_strict {
6807      AOT_assume 1: φ{G}
6808      AOT_hence ιx(A!x & F (x[F]  φ{G}))[G] using "Box-desc-encode:1" "→E" by blast
6809      moreover AOT_have φ{G} using 1 by (meson "qml:2" "vdash-properties:10" "vdash-properties:1[2]")
6810      ultimately AOT_show ιx(A!x & F (x[F]  φ{G}))[G]  φ{G}
6811        using "deduction-theorem" "≡I" by simp
6812    }
6813  qed
6814  ultimately AOT_show (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G}) using "→E" by blast
6815qed
6816
6817definition rigid_condition where rigid_condition φ  v . [v  α (φ{α}  φ{α})]
6818syntax rigid_condition :: ‹id_position  AOT_prop› ("RIGID'_CONDITION'(_')")
6819
6820AOT_theorem "strict-can:1[E]": assumes RIGID_CONDITION(φ)
6821  shows α (φ{α}  φ{α})
6822  using assms[unfolded rigid_condition_def] by auto
6823
6824AOT_theorem "strict-can:1[I]":
6825  assumes  α (φ{α}  φ{α})
6826  shows RIGID_CONDITION(φ)
6827  using assms rigid_condition_def by auto
6828
6829AOT_theorem "box-phi-a:1": assumes RIGID_CONDITION(φ)
6830  shows (A!x  & F (x[F]  φ{F}))  (A!x & F (x[F]  φ{F}))
6831proof (rule "→I")
6832  AOT_assume a: A!x & F (x[F]  φ{F})
6833  AOT_hence b: A!x by (metis "Conjunction Simplification"(1) "oa-facts:2" "vdash-properties:10")
6834  AOT_have x[F]  φ{F} for F using a[THEN "&E"(2)] "∀E" by blast
6835  moreover AOT_have (x[F]  x[F]) for F by (meson "pre-en-eq:1[1]" RN)
6836  moreover AOT_have (φ{F}  φ{F}) for F using RN "strict-can:1[E]"[OF assms] "∀E" by blast
6837  ultimately AOT_have (x[F]  φ{F}) for F
6838    using "sc-eq-box-box:5" "qml:2"[axiom_inst, THEN "→E"] "→E" "&I" by metis
6839  AOT_hence F (x[F]  φ{F}) by (rule GEN)
6840  AOT_hence F (x[F]  φ{F}) by (rule BF[THEN "→E"])
6841  AOT_thus ([A!]x & F (x[F]  φ{F}))
6842    using b "KBasic:3" "≡S"(1) "≡E"(2) by blast
6843qed
6844
6845AOT_theorem "box-phi-a:2": assumes RIGID_CONDITION(φ)
6846  shows y = ιx(A!x & F (x[F]  φ{F}))  (A!y & F (y[F]  φ{F}))
6847proof(rule "→I")
6848  AOT_assume y = ιx(A!x & F (x[F]  φ{F}))
6849  AOT_hence 𝒜(A!y & F (y[F]  φ{F})) using "actual-desc:2"[THEN "→E"] by fast
6850  AOT_hence abs: 𝒜A!y and 𝒜F (y[F]  φ{F})
6851    using "Act-Basic:2" "&E" "≡E"(1) by blast+
6852  AOT_hence F 𝒜(y[F]  φ{F}) by (metis "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]")
6853  AOT_hence 𝒜(y[F]  φ{F}) for F using "∀E" by blast
6854  AOT_hence 𝒜y[F]  𝒜φ{F} for F by (metis "Act-Basic:5" "≡E"(1)) 
6855  AOT_hence y[F]  φ{F} for F
6856    using "sc-eq-fur:2"[THEN "→E", OF "strict-can:1[E]"[OF assms, THEN "∀E"(2)[where β=F], THEN RN]]
6857    by (metis "en-eq:10[1]" "≡E"(6))
6858  AOT_hence F (y[F]  φ{F}) by (rule GEN)
6859  AOT_thus [A!]y & F (y[F]  φ{F}) using abs "&I" "≡E"(2) "oa-facts:8" by blast
6860qed
6861
6862AOT_theorem "box-phi-a:3": assumes RIGID_CONDITION(φ)
6863  shows ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
6864  using "desc-nec-encode:2"
6865    "sc-eq-fur:2"[THEN "→E", OF "strict-can:1[E]"[OF assms, THEN "∀E"(2)[where β=F], THEN RN]]
6866    "≡E"(5) by blast
6867
6868AOT_define Null :: ‹τ  φ› ("Null'(_')") 
6869  "df-null-uni:1": Null(x) df A!x & ¬F x[F]
6870
6871AOT_define Universal :: ‹τ  φ› ("Universal'(_')")
6872  "df-null-uni:2": Universal(x) df A!x & F x[F]
6873
6874AOT_theorem "null-uni-uniq:1": ∃!x Null(x)
6875proof (rule "uniqueness:1"[THEN "≡dfI"])
6876  AOT_obtain a where a_prop: A!a & F (a[F]  ¬(F = F))
6877    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
6878  AOT_have a_null: ¬a[F] for F
6879  proof (rule "raa-cor:2")
6880    AOT_assume a[F]
6881    AOT_hence ¬(F = F) using a_prop[THEN "&E"(2)] "∀E" "≡E" by blast
6882    AOT_hence F = F & ¬(F = F) by (metis "id-eq:1" "raa-cor:3")
6883    AOT_thus p & ¬p for p  by (metis "raa-cor:1")
6884  qed
6885  AOT_have Null(a) & β (Null(β)  β = a)
6886  proof (rule "&I")
6887    AOT_have ¬F a[F] using a_null by (metis "instantiation" "reductio-aa:1")
6888    AOT_thus Null(a)
6889      using "df-null-uni:1"[THEN "≡dfI"] a_prop[THEN "&E"(1)] "&I" by metis
6890  next
6891    AOT_show β (Null(β)  β = a)
6892    proof (rule GEN; rule "→I")
6893      fix β
6894      AOT_assume a: Null(β)
6895      AOT_hence ¬F β[F]
6896        using "df-null-uni:1"[THEN "≡dfE"] "&E" by blast
6897      AOT_hence β_null: ¬β[F] for F by (metis "existential:2[const_var]" "reductio-aa:1")
6898      AOT_have F (β[F]  a[F])
6899        apply (rule GEN; rule "≡I"; rule CP)
6900        using "raa-cor:3" β_null a_null by blast+
6901      moreover AOT_have A!β using a "df-null-uni:1"[THEN "≡dfE"] "&E" by blast
6902      ultimately AOT_show β = a
6903        using a_prop[THEN "&E"(1)] "ab-obey:1"[THEN "→E", THEN "→E"] "&I" by blast
6904    qed
6905  qed
6906  AOT_thus α (Null(α) & β (Null(β)  β = α)) using "∃I"(2) by fast
6907qed
6908
6909AOT_theorem "null-uni-uniq:2": ∃!x Universal(x)
6910proof (rule "uniqueness:1"[THEN "≡dfI"])
6911  AOT_obtain a where a_prop: A!a & F (a[F]  F = F)
6912    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
6913  AOT_hence aF: a[F] for F using "&E" "∀E" "≡E" "id-eq:1" by fast
6914  AOT_hence Universal(a)
6915    using "df-null-uni:2"[THEN "≡dfI"] "&I" a_prop[THEN "&E"(1)] GEN by blast
6916  moreover AOT_have β (Universal(β)  β = a)
6917  proof (rule GEN; rule "→I")
6918    fix β
6919    AOT_assume Universal(β)
6920    AOT_hence abs_β: A!β and β[F] for F using "df-null-uni:2"[THEN "≡dfE"] "&E" "∀E" by blast+
6921    AOT_hence β[F]  a[F] for F using aF by (metis "deduction-theorem" "≡I")
6922    AOT_hence F (β[F]  a[F]) by (rule GEN)
6923    AOT_thus β = a
6924      using a_prop[THEN "&E"(1)] "ab-obey:1"[THEN "→E", THEN "→E"] "&I" abs_β by blast
6925  qed
6926  ultimately AOT_show α (Universal(α) & β (Universal(β)  β = α))
6927    using "&I" "∃I" by fast
6928qed
6929
6930AOT_theorem "null-uni-uniq:3": ιx Null(x)
6931  using "A-Exists:2" "RA[2]" "≡E"(2) "null-uni-uniq:1" by blast
6932
6933AOT_theorem "null-uni-uniq:4": ιx Universal(x)
6934  using "A-Exists:2" "RA[2]" "≡E"(2) "null-uni-uniq:2" by blast
6935
6936AOT_define Null_object :: ‹κs (a)
6937  "df-null-uni-terms:1": a =df ιx Null(x)
6938
6939AOT_define Universal_object :: ‹κs (aV)
6940  "df-null-uni-terms:2": aV =df ιx Universal(x)
6941
6942AOT_theorem "null-uni-facts:1": Null(x)  Null(x)
6943proof (rule "→I")
6944  AOT_assume Null(x)
6945  AOT_hence x_abs: A!x and x_null: ¬F x[F]
6946    using "df-null-uni:1"[THEN "≡dfE"] "&E" by blast+
6947  AOT_have ¬x[F] for F using x_null
6948    using "existential:2[const_var]" "reductio-aa:1"
6949    by metis
6950  AOT_hence ¬x[F] for F by (metis "en-eq:7[1]" "≡E"(1))
6951  AOT_hence F ¬x[F] by (rule GEN)
6952  AOT_hence F ¬x[F] by (rule BF[THEN "→E"])
6953  moreover AOT_have F ¬x[F]  ¬F x[F]
6954    apply (rule RM)
6955    by (metis (full_types) "instantiation" "cqt:2[const_var]" "deduction-theorem"
6956                           "reductio-aa:1" "rule-ui:1" "vdash-properties:1[2]")
6957  ultimately AOT_have ¬F x[F]
6958    by (metis "→E")
6959  moreover AOT_have A!x using x_abs
6960    using "oa-facts:2" "vdash-properties:10" by blast
6961  ultimately AOT_have r: (A!x & ¬F x[F])
6962    by (metis "KBasic:3" "&I" "≡E"(3) "raa-cor:3")
6963  AOT_show Null(x)
6964    by (AOT_subst "«Null(x)»" "«A!x & ¬F x[F]»")
6965       (auto simp: "df-null-uni:1" "≡Df" r)
6966qed  
6967
6968AOT_theorem "null-uni-facts:2": Universal(x)  Universal(x)
6969proof (rule "→I")
6970  AOT_assume Universal(x)
6971  AOT_hence x_abs: A!x and x_univ: F x[F]
6972    using "df-null-uni:2"[THEN "≡dfE"] "&E" by blast+
6973  AOT_have x[F] for F using x_univ "∀E" by blast
6974  AOT_hence x[F] for F by (metis "en-eq:2[1]" "≡E"(1))
6975  AOT_hence F x[F] by (rule GEN)
6976  AOT_hence F x[F] by (rule BF[THEN "→E"])
6977  moreover AOT_have A!x using x_abs
6978    using "oa-facts:2" "vdash-properties:10" by blast
6979  ultimately AOT_have r: (A!x & F x[F])
6980    by (metis "KBasic:3" "&I" "≡E"(3) "raa-cor:3")
6981  AOT_show Universal(x)
6982    by (AOT_subst "«Universal(x)»" "«A!x & F x[F]»")
6983       (auto simp add: "df-null-uni:2" "≡Df" r)
6984qed
6985
6986AOT_theorem "null-uni-facts:3": Null(a)
6987  apply (rule "=dfI"(2)[OF "df-null-uni-terms:1"])
6988   apply (simp add: "null-uni-uniq:3")
6989  using "actual-desc:4"[THEN "→E", OF "null-uni-uniq:3"]
6990    "sc-eq-fur:2"[THEN "→E", OF "null-uni-facts:1"[unvarify x, THEN RN, OF "null-uni-uniq:3"], THEN "≡E"(1)]
6991  by blast
6992
6993AOT_theorem "null-uni-facts:4": Universal(aV)
6994  apply (rule "=dfI"(2)[OF "df-null-uni-terms:2"])
6995   apply (simp add: "null-uni-uniq:4")
6996  using "actual-desc:4"[THEN "→E", OF "null-uni-uniq:4"]
6997    "sc-eq-fur:2"[THEN "→E", OF "null-uni-facts:2"[unvarify x, THEN RN, OF "null-uni-uniq:4"], THEN "≡E"(1)]
6998  by blast
6999
7000AOT_theorem "null-uni-facts:5": a  aV
7001proof (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"];
7002    rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"];
7003    rule "≡dfI"[OF "=-infix"];
7004    rule "raa-cor:2")
7005  AOT_obtain x where nullx: Null(x)
7006    by (metis "instantiation" "df-null-uni-terms:1" "existential:1" "null-uni-facts:3"
7007              "null-uni-uniq:3" "rule-id-df:2:b[zero]")
7008  AOT_hence act_null: 𝒜Null(x) by (metis "nec-imp-act" "null-uni-facts:1" "vdash-properties:10")
7009  AOT_assume ιx Null(x) = ιx Universal(x)
7010  AOT_hence 𝒜x(Null(x)  Universal(x))
7011    using "actual-desc:5"[THEN "→E"] by blast
7012  AOT_hence x 𝒜(Null(x)  Universal(x))
7013    by (metis "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]")
7014  AOT_hence 𝒜Null(x)  𝒜Universal(x)
7015    using "Act-Basic:5" "≡E"(1) "rule-ui:3" by blast
7016  AOT_hence 𝒜Universal(x) using act_null "≡E" by blast
7017  AOT_hence Universal(x) by (metis RN "≡E"(1) "null-uni-facts:2" "sc-eq-fur:2" "vdash-properties:10")
7018  AOT_hence F x[F] using "≡dfE"[OF "df-null-uni:2"] "&E" by metis
7019  moreover AOT_have ¬F x[F] using nullx "≡dfE"[OF "df-null-uni:1"] "&E" by metis
7020  ultimately AOT_show p & ¬p for p by (metis "cqt-further:1" "raa-cor:3" "vdash-properties:10")
7021qed
7022
7023AOT_theorem "null-uni-facts:6": a = ιx(A!x & F (x[F]  F  F))
7024proof (rule "ab-obey:1"[unvarify x y, THEN "→E", THEN "→E"])
7025  AOT_show ιx([A!]x & F (x[F]  F  F))
7026    by (simp add: "A-descriptions")
7027next
7028  AOT_show a
7029    by (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"])
7030       (simp add: "null-uni-uniq:3")
7031next
7032  AOT_have ιx([A!]x & F (x[F]  F  F))
7033    by (simp add: "A-descriptions")
7034  AOT_hence 1: ιx([A!]x & F (x[F]  F  F)) = ιx([A!]x & F (x[F]  F  F))
7035    using "rule=I:1" by blast
7036  AOT_show [A!]a & [A!]ιx([A!]x & F (x[F]  F  F))
7037    apply (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"]; rule "&I")
7038    apply (meson "≡dfE" "Conjunction Simplification"(1) "df-null-uni:1" "df-null-uni-terms:1" "null-uni-facts:3" "null-uni-uniq:3" "rule-id-df:2:a[zero]" "vdash-properties:10")
7039    using "can-ab2"[unvarify y, OF "A-descriptions", THEN "→E", OF 1].
7040next
7041  AOT_show F (a[F]  ιx([A!]x & F (x[F]  F  F))[F])
7042  proof (rule GEN)
7043    fix F
7044    AOT_have ¬a[F]
7045      by (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"])
7046         (metis (no_types, lifting) "≡dfE" "&E"(2) "∨I"(2) "∨E"(3)
7047                "df-null-uni:1" "df-null-uni-terms:1" "existential:2[const_var]" "null-uni-facts:3"
7048                "raa-cor:2" "rule-id-df:2:a[zero]" "russell-axiom[enc,1].ψ_denotes_asm")
7049    moreover AOT_have ¬ιx([A!]x & F (x[F]  F  F))[F]
7050    proof(rule "raa-cor:2")
7051      AOT_assume 0: ιx([A!]x & F (x[F]  F  F))[F]
7052      AOT_hence 𝒜(F  F) using "desc-nec-encode:2"[THEN "≡E"(1), OF 0] by blast
7053      moreover AOT_have ¬𝒜(F  F)
7054        using "≡dfE" "id-act:2" "id-eq:1" "≡E"(2) "=-infix" "raa-cor:3" by blast
7055      ultimately AOT_show 𝒜(F  F) & ¬𝒜(F  F) by (rule "&I")
7056    qed
7057    ultimately AOT_show a[F]  ιx([A!]x & F (x[F]  F  F))[F]
7058      using "deduction-theorem" "≡I" "raa-cor:4" by blast
7059  qed
7060qed
7061
7062AOT_theorem "null-uni-facts:7": aV = ιx(A!x & F (x[F]  F = F))
7063proof (rule "ab-obey:1"[unvarify x y, THEN "→E", THEN "→E"])
7064  AOT_show ιx([A!]x & F (x[F]  F = F))
7065    by (simp add: "A-descriptions")
7066next
7067  AOT_show aV
7068    by (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"])
7069       (simp add: "null-uni-uniq:4")
7070next
7071  AOT_have ιx([A!]x & F (x[F]  F = F))
7072    by (simp add: "A-descriptions")
7073  AOT_hence 1: ιx([A!]x & F (x[F]  F = F)) = ιx([A!]x & F (x[F]  F = F))
7074    using "rule=I:1" by blast
7075  AOT_show [A!]aV & [A!]ιx([A!]x & F (x[F]  F = F))
7076    apply (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"]; rule "&I")
7077    apply (meson "≡dfE" "Conjunction Simplification"(1) "df-null-uni:2" "df-null-uni-terms:2" "null-uni-facts:4" "null-uni-uniq:4" "rule-id-df:2:a[zero]" "vdash-properties:10")
7078    using "can-ab2"[unvarify y, OF "A-descriptions", THEN "→E", OF 1].
7079next
7080  AOT_show F (aV[F]  ιx([A!]x & F (x[F]  F = F))[F])
7081  proof (rule GEN)
7082    fix F
7083    AOT_have aV[F]
7084      apply (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"])
7085      using "≡dfE" "&E"(2) "df-null-uni:2" "df-null-uni-terms:2" "null-uni-facts:4" "null-uni-uniq:4" "rule-id-df:2:a[zero]" "rule-ui:3" by blast
7086    moreover AOT_have ιx([A!]x & F (x[F]  F = F))[F]
7087      using "RA[2]" "desc-nec-encode:2" "id-eq:1" "≡E"(2) by fastforce
7088    ultimately AOT_show aV[F]  ιx([A!]x & F (x[F]  F = F))[F]
7089      using "deduction-theorem" "≡I" by simp
7090  qed
7091qed
7092
7093AOT_theorem "aclassical:1": Rxy(A!x & A!y & x  y & z [R]zx] = z [R]zy])
7094proof(rule GEN)
7095  fix R
7096  AOT_obtain a where a_prop: A!a & F (a[F]  y(A!y & F = z [R]zy] & ¬y[F]))
7097    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
7098  AOT_have a_enc: az [R]za]
7099  proof (rule "raa-cor:1")
7100    AOT_assume 0: ¬az [R]za]
7101    AOT_hence ¬y(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
7102      by (rule a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ="«z [R]za]»"],
7103                THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated])
7104         "cqt:2[lambda]"
7105    AOT_hence y ¬(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
7106      using "cqt-further:4" "vdash-properties:10" by blast
7107    AOT_hence ¬(A!a & z [R]za] = z [R]za] & ¬az [R]za]) using "∀E" by blast
7108    AOT_hence (A!a & z [R]za] = z [R]za])  az [R]za]
7109      by (metis "&I" "deduction-theorem" "raa-cor:3")
7110    moreover AOT_have z [R]za] = z [R]za]
7111      by (rule "=I") "cqt:2[lambda]"
7112    ultimately AOT_have az [R]za] using a_prop[THEN "&E"(1)] "→E" "&I" by blast
7113    AOT_thus az [R]za] & ¬az [R]za]
7114      using 0 "&I" by blast
7115  qed
7116  AOT_hence y(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
7117    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), THEN "≡E"(1), rotated]) "cqt:2[lambda]"
7118  then AOT_obtain b where b_prop: A!b & z [R]za] = z [R]zb] & ¬bz [R]za]
7119    using "∃E"[rotated] by blast
7120  AOT_have a  b
7121    apply (rule "≡dfI"[OF "=-infix"])
7122    using a_enc b_prop[THEN "&E"(2)]
7123    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a" "raa-cor:3" "reductio-aa:1" by fast
7124  AOT_hence A!a & A!b & a  b & z [R]za] = z [R]zb]
7125    using b_prop "&E" a_prop "&I" by meson
7126  AOT_hence y (A!a & A!y & a  y & z [R]za] = z [R]zy]) by (rule "∃I")
7127  AOT_thus xy (A!x & A!y & x  y & z [R]zx] = z [R]zy]) by (rule "∃I")
7128qed
7129
7130AOT_theorem "aclassical:2": Rxy(A!x & A!y & x  y & z [R]xz] = z [R]yz])
7131proof(rule GEN)
7132  fix R
7133  AOT_obtain a where a_prop: A!a & F (a[F]  y(A!y & F = z [R]yz] & ¬y[F]))
7134    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
7135  AOT_have a_enc: az [R]az]
7136  proof (rule "raa-cor:1")
7137    AOT_assume 0: ¬az [R]az]
7138    AOT_hence ¬y(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
7139      by (rule a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ="«z [R]az]»"],
7140                THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated])
7141         "cqt:2[lambda]"
7142    AOT_hence y ¬(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
7143      using "cqt-further:4" "vdash-properties:10" by blast
7144    AOT_hence ¬(A!a & z [R]az] = z [R]az] & ¬az [R]az]) using "∀E" by blast
7145    AOT_hence (A!a & z [R]az] = z [R]az])  az [R]az]
7146      by (metis "&I" "deduction-theorem" "raa-cor:3")
7147    moreover AOT_have z [R]az] = z [R]az]
7148      by (rule "=I") "cqt:2[lambda]"
7149    ultimately AOT_have az [R]az] using a_prop[THEN "&E"(1)] "→E" "&I" by blast
7150    AOT_thus az [R]az] & ¬az [R]az]
7151      using 0 "&I" by blast
7152  qed
7153  AOT_hence y(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
7154    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), THEN "≡E"(1), rotated]) "cqt:2[lambda]"
7155  then AOT_obtain b where b_prop: A!b & z [R]az] = z [R]bz] & ¬bz [R]az]
7156    using "∃E"[rotated] by blast
7157  AOT_have a  b
7158    apply (rule "≡dfI"[OF "=-infix"])
7159    using a_enc b_prop[THEN "&E"(2)]
7160    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a" "raa-cor:3" "reductio-aa:1" by fast
7161  AOT_hence A!a & A!b & a  b & z [R]az] = z [R]bz]
7162    using b_prop "&E" a_prop "&I" by meson
7163  AOT_hence y (A!a & A!y & a  y & z [R]az] = z [R]yz]) by (rule "∃I")
7164  AOT_thus xy (A!x & A!y & x  y & z [R]xz] = z [R]yz]) by (rule "∃I")
7165qed
7166
7167AOT_theorem "aclassical:3": Fxy(A!x & A!y & x  y &  [F]x] =  [F]y])
7168proof(rule GEN)
7169  fix R
7170  AOT_obtain a where a_prop: A!a & F (a[F]  y(A!y & F = z [R]y] & ¬y[F]))
7171    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
7172  AOT_have z [R]a] by "cqt:2[lambda]"
7173  (* TODO: S should no longer be necessary *)
7174  then AOT_obtain S where S_def: S = z [R]a]
7175    by (metis "instantiation" "rule=I:1" "existential:1" id_sym)
7176  AOT_have a_enc: a[S]
7177  proof (rule "raa-cor:1")
7178    AOT_assume 0: ¬a[S]
7179    AOT_hence ¬y(A!y & S = z [R]y] & ¬y[S])
7180      by (rule a_prop[THEN "&E"(2), THEN "∀E"(2)[where β=S],
7181                THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated]) 
7182    AOT_hence y ¬(A!y & S = z [R]y] & ¬y[S])
7183      using "cqt-further:4" "vdash-properties:10" by blast
7184    AOT_hence ¬(A!a & S = z [R]a] & ¬a[S]) using "∀E" by blast
7185    AOT_hence (A!a & S = z [R]a])  a[S]
7186      by (metis "&I" "deduction-theorem" "raa-cor:3")
7187    moreover AOT_have S = z [R]a] using S_def .
7188    ultimately AOT_have a[S] using a_prop[THEN "&E"(1)] "→E" "&I" by blast
7189    AOT_thus az [R]a] & ¬az [R]a]  by (metis "0" "raa-cor:3") 
7190  qed
7191  AOT_hence y(A!y & S = z [R]y] & ¬y[S])
7192    by (rule a_prop[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1), rotated])
7193  then AOT_obtain b where b_prop: A!b & S = z [R]b] & ¬b[S]
7194    using "∃E"[rotated] by blast
7195  AOT_have 1: a  b
7196    apply (rule "≡dfI"[OF "=-infix"])
7197    using a_enc b_prop[THEN "&E"(2)]
7198    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a" "raa-cor:3" "reductio-aa:1" by fast
7199  AOT_have a:  [R]a] = ([R]a)
7200    apply (rule "lambda-predicates:3[zero]"[axiom_inst, unvarify p])
7201    by (meson "log-prop-prop:2")
7202  AOT_have b:  [R]b] = ([R]b)
7203    apply (rule "lambda-predicates:3[zero]"[axiom_inst, unvarify p])
7204    by (meson "log-prop-prop:2")
7205  AOT_have  [R]a] =  [R]b]
7206    apply (rule "rule=E"[rotated, OF a[THEN id_sym]])
7207    apply (rule "rule=E"[rotated, OF b[THEN id_sym]])
7208    apply (rule "identity:4"[THEN "≡dfI", OF "&I", rotated])
7209     apply (rule "rule=E"[rotated, OF S_def])
7210    using b_prop "&E" apply blast
7211    apply (safe intro!: "&I")
7212    by (simp add: "log-prop-prop:2")+
7213  AOT_hence A!a & A!b & a  b &  [R]a] =  [R]b]
7214    using 1 a_prop[THEN "&E"(1)] b_prop[THEN "&E"(1), THEN "&E"(1)] "&I" by auto
7215  AOT_hence y (A!a & A!y & a  y &  [R]a] =  [R]y]) by (rule "∃I")
7216  AOT_thus xy (A!x & A!y & x  y &  [R]x] =  [R]y]) by (rule "∃I")
7217qed
7218
7219AOT_theorem aclassical2: xy (A!x & A!y & x  y & F ([F]x  [F]y))
7220proof -
7221  AOT_have x y ([A!]x & [A!]y & x  y &
7222               z xy F ([F]x  [F]y)]zx] = z xy F ([F]x  [F]y)]zy])
7223    by (rule "aclassical:1"[THEN "∀E"(1)[where τ="«xy F ([F]x  [F]y)]»"]])
7224       "cqt:2[lambda]"
7225  then AOT_obtain x where y ([A!]x & [A!]y & x  y &
7226               z xy F ([F]x  [F]y)]zx] = z xy F ([F]x  [F]y)]zy])
7227    using "∃E"[rotated] by blast
7228  then AOT_obtain y where 0: ([A!]x & [A!]y & x  y &
7229               z xy F ([F]x  [F]y)]zx] = z xy F ([F]x  [F]y)]zy])
7230    using "∃E"[rotated] by blast
7231  AOT_have z xy F ([F]x  [F]y)]zx]x
7232    apply (rule "β←C"(1))
7233      apply "cqt:2[lambda]"
7234     apply (fact "cqt:2[const_var]"[axiom_inst])
7235    apply (rule "β←C"(1))
7236      apply "cqt:2[lambda]"
7237    apply (simp add: "&I" "ex:1:a" prod_denotesI "rule-ui:3")
7238    by (simp add: "oth-class-taut:3:a" "universal-cor")
7239  AOT_hence z xy F ([F]x  [F]y)]zy]x
7240    by (rule "rule=E"[rotated, OF 0[THEN "&E"(2)]])
7241  AOT_hence xy F ([F]x  [F]y)]xy
7242    by (rule "β→C"(1))
7243  AOT_hence F ([F]x  [F]y)
7244    using "β→C"(1) old.prod.case by fast
7245  AOT_hence [A!]x & [A!]y & x  y & F ([F]x  [F]y) using 0 "&E" "&I" by blast
7246  AOT_hence y ([A!]x & [A!]y & x  y & F ([F]x  [F]y)) by (rule "∃I")
7247  AOT_thus xy ([A!]x & [A!]y & x  y & F ([F]x  [F]y)) by (rule "∃I"(2))
7248qed
7249
7250AOT_theorem "kirchner-thm:1": x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7251proof(rule "≡I"; rule "→I")
7252  AOT_assume x φ{x}]
7253  AOT_hence x φ{x}] by (metis "exist-nec" "vdash-properties:10")
7254  moreover AOT_have x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7255  proof (rule "RM:1"; rule "→I"; rule GEN; rule GEN; rule "→I")
7256    AOT_modally_strict {
7257      fix x y
7258      AOT_assume 0: x φ{x}]
7259      moreover AOT_assume F([F]x  [F]y)
7260      ultimately AOT_have x φ{x}]x  x φ{x}]y
7261        using "∀E" by blast
7262      AOT_thus (φ{x}  φ{y})
7263        using "beta-C-meta"[THEN "→E", OF 0] "≡E"(6) by meson
7264    }
7265  qed
7266  ultimately AOT_show xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7267    using "→E" by blast
7268next
7269  AOT_have xy(F([F]x  [F]y)  (φ{x}  φ{y}))  y(x(F([F]x  [F]y) & φ{x})  φ{y})
7270  proof(rule "RM:1"; rule "→I"; rule GEN)
7271    AOT_modally_strict {
7272      AOT_assume xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7273      AOT_hence indisc: φ{x}  φ{y} if F([F]x  [F]y) for x y
7274        using "∀E"(2) "→E" that by blast
7275      AOT_show (x(F([F]x  [F]y) & φ{x})  φ{y}) for y
7276      proof (rule "raa-cor:1")
7277        AOT_assume ¬(x(F([F]x  [F]y) & φ{x})  φ{y})
7278        AOT_hence (x(F([F]x  [F]y) & φ{x}) & ¬φ{y})  (¬(x(F([F]x  [F]y) & φ{x})) & φ{y})
7279          using "≡E"(1) "oth-class-taut:4:h" by blast
7280        moreover {
7281          AOT_assume 0: x(F([F]x  [F]y) & φ{x}) & ¬φ{y}
7282          AOT_obtain a where F([F]a  [F]y) & φ{a}
7283            using "∃E"[rotated, OF 0[THEN "&E"(1)]]  by blast
7284          AOT_hence φ{y} using indisc[THEN "≡E"(1)] "&E" by blast
7285          AOT_hence p & ¬p for p using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
7286        }
7287        moreover {
7288          AOT_assume 0: (¬(x(F([F]x  [F]y) & φ{x})) & φ{y})
7289          AOT_hence x ¬(F([F]x  [F]y) & φ{x})
7290            using "&E"(1) "cqt-further:4" "→E" by blast
7291          AOT_hence ¬(F([F]y  [F]y) & φ{y}) using "∀E" by blast
7292          AOT_hence ¬F([F]y  [F]y)  ¬φ{y}
7293            using "≡E"(1) "oth-class-taut:5:c" by blast
7294          moreover AOT_have F([F]y  [F]y) by (simp add: "oth-class-taut:3:a" "universal-cor")
7295          ultimately AOT_have ¬φ{y} by (metis "¬¬I" "∨E"(2))
7296          AOT_hence p & ¬p for p using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
7297        }
7298        ultimately AOT_show p & ¬p for p using "∨E"(3) "raa-cor:1" by blast
7299      qed
7300    }
7301  qed
7302  moreover AOT_assume xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7303  ultimately AOT_have y(x(F([F]x  [F]y) & φ{x})  φ{y})
7304    using "→E" by blast
7305  AOT_thus x φ{x}]
7306    by (rule "safe-ext"[axiom_inst, THEN "→E", OF "&I", rotated]) "cqt:2[lambda]"
7307qed
7308
7309AOT_theorem "kirchner-thm:2": x1...xn φ{x1...xn}]  x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7310proof(rule "≡I"; rule "→I")
7311  AOT_assume x1...xn φ{x1...xn}]
7312  AOT_hence x1...xn φ{x1...xn}] by (metis "exist-nec" "vdash-properties:10")
7313  moreover AOT_have x1...xn φ{x1...xn}]  x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7314  proof (rule "RM:1"; rule "→I"; rule GEN; rule GEN; rule "→I")
7315    AOT_modally_strict {
7316      fix x1xn y1yn :: 'a AOT_var›
7317      AOT_assume 0: x1...xn φ{x1...xn}]
7318      moreover AOT_assume F([F]x1...xn  [F]y1...yn)
7319      ultimately AOT_have x1...xn φ{x1...xn}]x1...xn  x1...xn φ{x1...xn}]y1...yn
7320        using "∀E" by blast
7321      AOT_thus (φ{x1...xn}  φ{y1...yn})
7322        using "beta-C-meta"[THEN "→E", OF 0] "≡E"(6) by meson
7323    }
7324  qed
7325  ultimately AOT_show x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7326    using "→E" by blast
7327next
7328  AOT_have (x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))) 
7329            y1...∀yn((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))  φ{y1...yn})
7330  proof(rule "RM:1"; rule "→I"; rule GEN)
7331    AOT_modally_strict {
7332      AOT_assume x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7333      AOT_hence indisc: φ{x1...xn}  φ{y1...yn} if F([F]x1...xn  [F]y1...yn) for x1xn y1yn
7334        using "∀E"(2) "→E" that by blast
7335      AOT_show (x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))  φ{y1...yn} for y1yn
7336      proof (rule "raa-cor:1")
7337        AOT_assume ¬((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))  φ{y1...yn})
7338        AOT_hence ((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) & ¬φ{y1...yn}) 
7339                    (¬(x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) & φ{y1...yn})
7340          using "≡E"(1) "oth-class-taut:4:h" by blast
7341        moreover {
7342          AOT_assume 0: (x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) & ¬φ{y1...yn}
7343          AOT_obtain a1an where F([F]a1...an  [F]y1...yn) & φ{a1...an}
7344            using "∃E"[rotated, OF 0[THEN "&E"(1)]]  by blast
7345          AOT_hence φ{y1...yn} using indisc[THEN "≡E"(1)] "&E" by blast
7346          AOT_hence p & ¬p for p using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
7347        }
7348        moreover {
7349          AOT_assume 0: (¬((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))) & φ{y1...yn})
7350          AOT_hence x1...∀xn ¬(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})
7351            using "&E"(1) "cqt-further:4" "→E" by blast
7352          AOT_hence ¬(F([F]y1...yn  [F]y1...yn) & φ{y1...yn}) using "∀E" by blast
7353          AOT_hence ¬F([F]y1...yn  [F]y1...yn)  ¬φ{y1...yn}
7354            using "≡E"(1) "oth-class-taut:5:c" by blast
7355          moreover AOT_have F([F]y1...yn  [F]y1...yn)
7356            by (simp add: "oth-class-taut:3:a" "universal-cor")
7357          ultimately AOT_have ¬φ{y1...yn} by (metis "¬¬I" "∨E"(2))
7358          AOT_hence p & ¬p for p using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
7359        }
7360        ultimately AOT_show p & ¬p for p using "∨E"(3) "raa-cor:1" by blast
7361      qed
7362    }
7363  qed
7364  moreover AOT_assume x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7365  ultimately AOT_have y1...∀yn((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))  φ{y1...yn})
7366    using "→E" by blast
7367  AOT_thus x1...xn φ{x1...xn}]
7368    by (rule "safe-ext"[axiom_inst, THEN "→E", OF "&I", rotated]) "cqt:2[lambda]"
7369qed
7370
7371AOT_theorem "kirchner-thm-cor:1": x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7372proof(rule "→I"; rule GEN; rule GEN; rule "→I")
7373  fix x y
7374  AOT_assume x φ{x}]
7375  AOT_hence xy (F ([F]x  [F]y)  (φ{x}  φ{y}))
7376    by (rule "kirchner-thm:1"[THEN "≡E"(1)])
7377  AOT_hence xy (F ([F]x  [F]y)  (φ{x}  φ{y}))
7378    using CBF[THEN "→E"] by blast
7379  AOT_hence y (F ([F]x  [F]y)  (φ{x}  φ{y}))
7380    using "∀E" by blast
7381  AOT_hence y (F ([F]x  [F]y)  (φ{x}  φ{y}))
7382    using CBF[THEN "→E"] by blast
7383  AOT_hence (F ([F]x  [F]y)  (φ{x}  φ{y}))
7384    using "∀E" by blast
7385  AOT_hence F ([F]x  [F]y)  (φ{x}  φ{y})
7386    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
7387  moreover AOT_assume F([F]x  [F]y)
7388  ultimately AOT_show (φ{x}  φ{y}) using "→E" "ind-nec" by blast
7389qed
7390
7391AOT_theorem "kirchner-thm-cor:2":
7392  x1...xn φ{x1...xn}]  x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7393proof(rule "→I"; rule GEN; rule GEN; rule "→I")
7394  fix x1xn y1yn
7395  AOT_assume x1...xn φ{x1...xn}]
7396  AOT_hence 0: x1...∀xny1...∀yn (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7397    by (rule "kirchner-thm:2"[THEN "≡E"(1)])
7398  AOT_have x1...∀xny1...∀yn (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7399  proof(rule GEN; rule GEN)
7400    fix x1xn y1yn
7401    AOT_show (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7402      apply (rule "RM:1"[THEN "→E", rotated, OF 0]; rule "→I")
7403      using "∀E" by blast
7404  qed
7405  AOT_hence y1...∀yn (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7406    using "∀E" by blast
7407  AOT_hence (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7408    using "∀E" by blast
7409  AOT_hence (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7410    using "∀E" by blast
7411  AOT_hence 0: F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn})
7412    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
7413  moreover AOT_assume F([F]x1...xn  [F]y1...yn)
7414  moreover AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)] by "cqt:2[lambda]"
7415  ultimately AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]x1...xn  x1...xn F ([F]x1...xn  [F]y1...yn)]y1...yn
7416    using "∀E" by blast
7417  moreover AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]y1...yn
7418    apply (rule "β←C"(1))
7419      apply "cqt:2[lambda]"
7420     apply (fact "cqt:2[const_var]"[axiom_inst])
7421    by (simp add: RN GEN "oth-class-taut:3:a")
7422  ultimately AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]x1...xn using "≡E"(2) by blast
7423  AOT_hence F ([F]x1...xn  [F]y1...yn)
7424    using "β→C"(1) by blast
7425  AOT_thus (φ{x1...xn}  φ{y1...yn}) using "→E" 0 by blast
7426qed
7427
7428AOT_define propositional :: ‹Π  φ› (Propositional'(_'))
7429  "prop-prop1": Propositional([F]) df p(F = y p])
7430
7431AOT_theorem "prop-prop2:1": p y p]
7432  by (rule GEN) "cqt:2[lambda]"
7433
7434AOT_theorem "prop-prop2:2": ν φ]
7435  by "cqt:2[lambda]"
7436
7437AOT_theorem "prop-prop2:3": F = y p]  x([F]x  p)
7438proof (rule "→I")
7439  AOT_assume 0: F = y p]
7440  AOT_show x([F]x  p)
7441    by (rule "rule=E"[rotated, OF 0[symmetric]]; rule RN; rule GEN; rule "beta-C-meta"[THEN "→E"])
7442      "cqt:2[lambda]"
7443qed
7444
7445AOT_theorem "prop-prop2:4": Propositional([F])  Propositional([F])
7446proof(rule "→I")
7447  AOT_assume Propositional([F])
7448  AOT_hence p(F = y p]) using "≡dfE"[OF "prop-prop1"] by blast
7449  then AOT_obtain p where F = y p] using "∃E"[rotated] by blast
7450  AOT_hence (F = y p]) using "id-nec:2" "modus-tollens:1" "raa-cor:3" by blast
7451  AOT_hence p (F = y p]) using "∃I" by fast
7452  AOT_hence 0: p (F = y p]) by (metis Buridan "vdash-properties:10")
7453  AOT_show Propositional([F])
7454    apply (AOT_subst «Propositional([F])» «p (F = y p])»)
7455     using "prop-prop1" "≡Df" apply presburger
7456    by (fact 0)
7457qed
7458
7459AOT_define indicriminate :: ‹Π  φ› ("Indiscriminate'(_')")
7460  "prop-indis": Indiscriminate([F]) df F & (x [F]x  x [F]x)
7461
7462AOT_theorem "prop-in-thm": Propositional([Π])  Indiscriminate([Π])
7463proof(rule "→I")
7464  AOT_assume Propositional([Π])
7465  AOT_hence p Π = y p] using "≡dfE"[OF "prop-prop1"] by blast
7466  then AOT_obtain p where Π_def: Π = y p] using "∃E"[rotated] by blast
7467  AOT_show Indiscriminate([Π])
7468  proof (rule "≡dfI"[OF "prop-indis"]; rule "&I")
7469    AOT_show Π
7470      using Π_def by (meson "t=t-proper:1" "vdash-properties:6")
7471  next
7472    AOT_show (x [Π]x  x [Π]x)
7473    proof (rule "rule=E"[rotated, OF Π_def[symmetric]]; rule RN; rule "→I"; rule GEN)
7474      AOT_modally_strict {
7475        AOT_assume x y p]x
7476        then AOT_obtain a where y p]a using "∃E"[rotated] by blast
7477        AOT_hence 0: p by (metis "β→C"(1))
7478        AOT_show y p]x for x
7479          apply (rule "β←C"(1))
7480            apply "cqt:2[lambda]"
7481           apply (fact "cqt:2[const_var]"[axiom_inst])
7482          by (fact 0)
7483      }
7484    qed
7485  qed
7486qed
7487
7488AOT_theorem "prop-in-f:1": Necessary([F])  Indiscriminate([F])
7489proof (rule "→I")
7490  AOT_assume Necessary([F])
7491  AOT_hence 0: x1...∀xn [F]x1...xn using "≡dfE"[OF "contingent-properties:1"] by blast
7492  AOT_show Indiscriminate([F])
7493    by (rule "≡dfI"[OF "prop-indis"])
7494       (metis "0" "KBasic:1" "&I" "ex:1:a" "rule-ui:2[const_var]" "vdash-properties:6") 
7495qed
7496
7497AOT_theorem "prop-in-f:2": Impossible([F])  Indiscriminate([F])
7498proof (rule "→I")
7499  AOT_modally_strict {
7500    AOT_have x ¬[F]x  (x [F]x  x [F]x)
7501      by (metis "instantiation" "cqt-orig:3" "Hypothetical Syllogism" "deduction-theorem" "raa-cor:3")
7502  }
7503  AOT_hence 0: x ¬[F]x  (x [F]x  x [F]x)
7504    by (rule "RM:1")
7505  AOT_assume Impossible([F])
7506  AOT_hence x ¬[F]x using "≡dfE"[OF "contingent-properties:2"] "&E" by blast
7507  AOT_hence 1: (x [F]x  x [F]x) using 0 "→E" by blast
7508  AOT_show Indiscriminate([F])
7509    by (rule "≡dfI"[OF "prop-indis"]; rule "&I")
7510       (simp add: "ex:1:a" "rule-ui:2[const_var]" 1)+
7511qed
7512
7513AOT_theorem "prop-in-f:3:a": ¬Indiscriminate([E!])
7514proof(rule "raa-cor:2")
7515  AOT_assume Indiscriminate([E!])
7516  AOT_hence 0: (x [E!]x  x [E!]x)
7517    using "≡dfE"[OF "prop-indis"] "&E" by blast
7518  AOT_hence x [E!]x  x [E!]x
7519    using "KBasic:13" "vdash-properties:10" by blast
7520  moreover AOT_have x [E!]x
7521    by (simp add: "thm-cont-e:3")
7522  ultimately AOT_have x [E!]x
7523    by (metis "vdash-properties:6")
7524  AOT_thus p & ¬p for p
7525    by (metis "≡dfE" "conventions:5" "o-objects-exist:5" "reductio-aa:1")
7526qed
7527
7528AOT_theorem "prop-in-f:3:b": ¬Indiscriminate([E!]-)
7529proof (rule "rule=E"[rotated, OF "rel-neg-T:2"[symmetric]]; rule "raa-cor:2")
7530  AOT_assume Indiscriminate(x ¬[E!]x])
7531  AOT_hence 0: (x x ¬[E!]x]x  x x ¬[E!]x]x)
7532    using "≡dfE"[OF "prop-indis"] "&E" by blast
7533  AOT_hence x x ¬[E!]x]x  x x ¬[E!]x]x
7534    using "→E" "qml:1" "vdash-properties:1[2]" by blast
7535  moreover AOT_have x x ¬[E!]x]x
7536    apply (AOT_subst λκ. «x ¬[E!]x]κ» λκ. «¬[E!]κ»)
7537    apply (rule "beta-C-meta"[THEN "→E"])
7538     apply "cqt:2[lambda]"
7539    by (metis (full_types) "B◇" RN "T◇" "cqt-further:2" "o-objects-exist:5" "vdash-properties:10")
7540  ultimately AOT_have 1: x x ¬[E!]x]x
7541    by (metis "vdash-properties:6")
7542  AOT_have x ¬[E!]x
7543    apply (AOT_subst_rev λκ. «x ¬[E!]x]κ» λκ. «¬[E!]κ»)
7544    apply (rule "beta-C-meta"[THEN "→E"])
7545     apply "cqt:2[lambda]"
7546    by (fact 1)
7547  AOT_hence x ¬[E!]x by (metis "CBF" "vdash-properties:10")
7548  moreover AOT_obtain a where abs_a: O!a
7549    using "instantiation" "o-objects-exist:1" "qml:2" "vdash-properties:1[2]" "vdash-properties:6" by blast
7550  ultimately AOT_have ¬[E!]a using "∀E" by blast
7551  AOT_hence 2: ¬[E!]a by (metis "≡dfE" "conventions:5" "reductio-aa:1")
7552  AOT_have A!a
7553    apply (rule "=dfI"(2)[OF AOT_abstract])
7554     apply "cqt:2[lambda]"
7555    apply (rule "β←C"(1))
7556      apply "cqt:2[lambda]"
7557    using "cqt:2[const_var]"[axiom_inst] apply blast
7558    by (fact 2)
7559  AOT_thus p & ¬p for p using abs_a
7560    by (metis "≡E"(1) "oa-contingent:2" "reductio-aa:1")
7561qed
7562
7563AOT_theorem "prop-in-f:3:c": ¬Indiscriminate(O!)
7564proof(rule "raa-cor:2")
7565  AOT_assume Indiscriminate(O!)
7566  AOT_hence 0: (x O!x  x O!x)
7567    using "≡dfE"[OF "prop-indis"] "&E" by blast
7568  AOT_hence x O!x  x O!x
7569    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
7570  moreover AOT_have x O!x
7571    using "o-objects-exist:1" by blast
7572  ultimately AOT_have x O!x
7573    by (metis "vdash-properties:6")
7574  AOT_thus p & ¬p for p
7575    by (metis "o-objects-exist:3" "qml:2" "raa-cor:3" "vdash-properties:10" "vdash-properties:1[2]")
7576qed
7577
7578AOT_theorem "prop-in-f:3:d": ¬Indiscriminate(A!)
7579proof(rule "raa-cor:2")
7580  AOT_assume Indiscriminate(A!)
7581  AOT_hence 0: (x A!x  x A!x)
7582    using "≡dfE"[OF "prop-indis"] "&E" by blast
7583  AOT_hence x A!x  x A!x
7584    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
7585  moreover AOT_have x A!x
7586    using "o-objects-exist:2" by blast
7587  ultimately AOT_have x A!x
7588    by (metis "vdash-properties:6")
7589  AOT_thus p & ¬p for p
7590    by (metis "o-objects-exist:4" "qml:2" "raa-cor:3" "vdash-properties:10" "vdash-properties:1[2]")
7591qed
7592
7593AOT_theorem "prop-in-f:4:a": ¬Propositional(E!)
7594  using "modus-tollens:1" "prop-in-f:3:a" "prop-in-thm" by blast
7595
7596AOT_theorem "prop-in-f:4:b": ¬Propositional(E!-)
7597  using "modus-tollens:1" "prop-in-f:3:b" "prop-in-thm" by blast
7598
7599AOT_theorem "prop-in-f:4:c": ¬Propositional(O!)
7600  using "modus-tollens:1" "prop-in-f:3:c" "prop-in-thm" by blast
7601
7602AOT_theorem "prop-in-f:4:d": ¬Propositional(A!)
7603  using "modus-tollens:1" "prop-in-f:3:d" "prop-in-thm" by blast
7604
7605AOT_theorem "prop-prop-nec:1": p (F = y p])  p(F = y p])
7606proof(rule "→I")
7607  AOT_assume p (F = y p])
7608  AOT_hence p (F = y p])
7609    by (metis "BF◇" "vdash-properties:10")
7610  then AOT_obtain p where (F = y p]) using "∃E"[rotated] by blast
7611  AOT_hence F = y p] by (metis "derived-S5-rules:2" emptyE "id-nec:2" "vdash-properties:6")
7612  AOT_thus p(F = y p]) by (rule "∃I")
7613qed
7614
7615AOT_theorem "prop-prop-nec:2": p (F  y p])  p(F  y p])
7616proof(rule "→I")
7617  AOT_assume p (F  y p])
7618  AOT_hence (F  y p]) for p
7619    using "∀E" by blast
7620  AOT_hence (F  y p]) for p
7621    by (rule "id-nec2:2"[unvarify β, THEN "→E", rotated]) "cqt:2[lambda]"
7622  AOT_hence p (F  y p]) by (rule GEN)
7623  AOT_thus p (F  y p]) using BF[THEN "→E"] by fast
7624qed
7625
7626AOT_theorem "prop-prop-nec:3": p (F = y p])  p(F = y p])
7627proof(rule "→I")
7628  AOT_assume p (F = y p])
7629  then AOT_obtain p where (F = y p]) using "∃E"[rotated] by blast
7630  AOT_hence (F = y p]) by (metis "id-nec:2" "vdash-properties:6")
7631  AOT_hence p(F = y p]) by (rule "∃I")
7632  AOT_thus p(F = y p]) by (metis Buridan "vdash-properties:10")
7633qed
7634
7635AOT_theorem "prop-prop-nec:4": p (F  y p])  p(F  y p])
7636proof(rule "→I")
7637  AOT_assume p (F  y p])
7638  AOT_hence p (F  y p]) by (metis "Buridan◇" "vdash-properties:10")
7639  AOT_hence (F  y p]) for p
7640    using "∀E" by blast
7641  AOT_hence F  y p] for p
7642    by (rule "id-nec2:3"[unvarify β, THEN "→E", rotated]) "cqt:2[lambda]"
7643  AOT_thus p (F  y p]) by (rule GEN)
7644qed
7645
7646AOT_theorem "enc-prop-nec:1": F (x[F]  p(F = y p]))  F(x[F]  p (F = y p]))
7647proof(rule "→I"; rule GEN; rule "→I")
7648  fix F
7649  AOT_assume F (x[F]  p(F = y p]))
7650  AOT_hence F (x[F]  p(F = y p]))
7651    using "Buridan◇" "vdash-properties:10" by blast
7652  AOT_hence 0: (x[F]  p(F = y p])) using "∀E" by blast
7653  AOT_assume x[F]
7654  AOT_hence x[F] by (metis "en-eq:2[1]" "≡E"(1))
7655  AOT_hence p(F = y p])
7656    using 0 by (metis "KBasic2:4" "≡E"(1) "vdash-properties:10")
7657  AOT_thus p(F = y p])
7658    using "prop-prop-nec:1"[THEN "→E"] by blast
7659qed
7660
7661AOT_theorem "enc-prop-nec:2": F (x[F]  p(F = y p]))  F(x[F]  p (F = y p]))
7662  using "derived-S5-rules:1"[where Γ="{}", simplified, OF "enc-prop-nec:1"]
7663  by blast
7664
7665(*<*)
7666end
7667(*>*)